Azure azure_firewall Mappings

Azure Firewall is a managed, cloud-based network security service that protects your Azure Virtual Network resources. It's a fully stateful firewall as a service (FWaaS) with built-in high availability and unrestricted cloud scalability.

Mappings

Capability ID	Capability Description	Category	Value	ATT&CK ID	ATT&CK Name
azure_firewall	Azure Firewall	protect	partial	T1590	Gather Victim Network Information
azure_firewall	Azure Firewall	protect	partial	T1590.004	Network Topology
azure_firewall	Azure Firewall	protect	partial	T1590.005	IP Addresses
azure_firewall	Azure Firewall	protect	partial	T1590.006	Network Security Appliances
azure_firewall	Azure Firewall	protect	partial	T1595	Active Scanning
azure_firewall	Azure Firewall	protect	partial	T1595.001	Scanning IP Blocks
azure_firewall	Azure Firewall	protect	partial	T1595.002	Vulnerability Scanning
azure_firewall	Azure Firewall	protect	partial	T1133	External Remote Services
azure_firewall	Azure Firewall	protect	partial	T1205	Traffic Signaling
azure_firewall	Azure Firewall	protect	partial	T1205.001	Port Knocking
azure_firewall	Azure Firewall	protect	partial	T1046	Network Service Scanning
azure_firewall	Azure Firewall	protect	partial	T1018	Remote System Discovery
azure_firewall	Azure Firewall	protect	partial	T1008	Fallback Channels
azure_firewall	Azure Firewall	protect	partial	T1095	Non-Application Layer Protocol
azure_firewall	Azure Firewall	protect	significant	T1571	Non-Standard Port
azure_firewall	Azure Firewall	protect	partial	T1219	Remote Access Software
azure_firewall	Azure Firewall	protect	partial	T1048	Exfiltration Over Alternative Protocol
azure_firewall	Azure Firewall	protect	partial	T1048.001	Exfiltration Over Symmetric Encrypted Non-C2 Protocol
azure_firewall	Azure Firewall	protect	partial	T1048.002	Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
azure_firewall	Azure Firewall	protect	partial	T1048.003	Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol