Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name | Notes |
---|---|---|---|---|---|---|
azure_defender_for_container_registries | Azure Defender for Container Registries | protect | minimal | T1190 | Exploit Public-Facing Application |
Comments
This control may provide provide information about vulnerabilities within container images. The limited scope of containers and registries that are applicable to this control contribute to the lower score.
References
|
azure_defender_for_container_registries | Azure Defender for Container Registries | protect | minimal | T1068 | Exploitation for Privilege Escalation |
Comments
This control may provide recommendations to avoid privileged containers and running containers as root.
References
|
azure_defender_for_container_registries | Azure Defender for Container Registries | protect | partial | T1525 | Implant Container Image |
Comments
This control may prevent adversaries from implanting malicious container images through fine grained permissions and use of container image tag signing. Image tag signing allows for verifiable container images that have been signed with legitimate keys.
References
|
azure_defender_for_container_registries | Azure Defender for Container Registries | detect | partial | T1525 | Implant Container Image |
Comments
This control may scan and alert on import or creation of container images with known vulnerabilities or a possible expanded surface area for exploitation.
References
|