| Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|---|
| azure_key_vault | Azure Key Vault | protect | partial | T1528 | Steal Application Access Token |
Comments
This control can provide protection against attackers stealing application access tokens if they are stored within Azure Key Vault. Key vault significantly raises the bar for access for stored tokens by requiring legitimate credentials with proper authorization. Applications may have to be modified to take advantage of Key Vault and may not always be possible to utilize.
References
|
| azure_key_vault | Azure Key Vault | protect | partial | T1555 | Credentials from Password Stores |
Comments
This control may provide a more secure location for storing passwords. If an Azure user account, endpoint, or application is compromised, they may have limited access to passwords stored in the Key Vault.
References
|
| azure_key_vault | Azure Key Vault | protect | partial | T1552 | Unsecured Credentials |
Comments
This control provides a central, secure location for storage of credentials to reduce the possibility of attackers discovering unsecured credentials.
References
|
| azure_key_vault | Azure Key Vault | protect | minimal | T1040 | Network Sniffing |
Comments
This control provides secure methods for accessing secrets and passwords. This can reduce the incidences of credentials and other authentication material being transmitted in plain text or by insecure encryption methods. Any communication between applications or endpoints after access to Key Vault may not be secure.
References
|