1. Home
  2. Mapping Frameworks
  3. Azure Home
  4. Azure DNS Analytics

Azure azure_dns_analytics Mappings

"DNS Analytics helps you to: identify clients that try to resolve malicious domain names, identify stale resource records, identify frequently queried domain names and talkative DNS clients, view request load on DNS servers, and view dynamic DNS registration failures. The solution collects, analyzes, and correlates Windows DNS analytic and audit logs and other related data from your DNS servers."

Mappings

Capability ID Capability Description Category Value ATT&CK ID ATT&CK Name
azure_dns_analytics Azure DNS Analytics detect minimal T1071 Application Layer Protocol
azure_dns_analytics Azure DNS Analytics detect minimal T1071.004 DNS
azure_dns_analytics Azure DNS Analytics detect minimal T1568 Dynamic Resolution
azure_dns_analytics Azure DNS Analytics detect minimal T1568.001 Fast Flux DNS
azure_dns_analytics Azure DNS Analytics detect minimal T1568.002 Domain Generation Algorithms
azure_dns_analytics Azure DNS Analytics detect minimal T1048 Exfiltration Over Alternative Protocol
azure_dns_analytics Azure DNS Analytics detect minimal T1048.003 Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol
azure_dns_analytics Azure DNS Analytics detect minimal T1041 Exfiltration Over C2 Channel
azure_dns_analytics Azure DNS Analytics detect minimal T1566 Phishing
azure_dns_analytics Azure DNS Analytics detect minimal T1566.002 Spearphishing Link