Azure azure_network_traffic_analytics Mappings

Traffic Analytics is a cloud-based solution that provides visibility into user and application activity in cloud networks. Traffic Analytics analyzes Network Watcher network security group (NSG) flow logs to provide insights into traffic flow in your Azure cloud. It can identify security threats to your network, and secure it, with information such as open ports, applications attempting internet access, and virtual machines (VMs) connecting to rogue networks.

Mappings

| Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name |
| --- | --- | --- | --- | --- | --- |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1199 | Trusted Relationship |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1602 | Data from Configuration Repository |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1602.001 | SNMP (MIB Dump) |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1602.002 | Network Device Configuration Dump |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | minimal | T1542 | Pre-OS Boot |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1542.005 | TFTP Boot |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1563 | Remote Service Session Hijacking |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1563.002 | RDP Hijacking |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1563.001 | SSH Hijacking |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1048 | Exfiltration Over Alternative Protocol |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1048.003 | Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1048.002 | Exfiltration Over Asymmetric Encrypted Non-C2 Protocol |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1048.001 | Exfiltration Over Symmetric Encrypted Non-C2 Protocol |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1190 | Exploit Public-Facing Application |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1021 | Remote Services |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1021.006 | Windows Remote Management |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1021.005 | VNC |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1021.004 | SSH |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1021.002 | SMB/Windows Admin Shares |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1021.001 | Remote Desktop Protocol |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1021.003 | Distributed Component Object Model |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1072 | Software Deployment Tools |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1133 | External Remote Services |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | significant | T1046 | Network Service Scanning |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | significant | T1571 | Non-Standard Port |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1071 | Application Layer Protocol |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1071.004 | DNS |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1071.003 | Mail Protocols |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1071.002 | File Transfer Protocols |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1499 | Endpoint Denial of Service |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1499.003 | Application Exhaustion Flood |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1499.002 | Service Exhaustion Flood |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1499.001 | OS Exhaustion Flood |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1090 | Proxy |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1090.003 | Multi-hop Proxy |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1090.002 | External Proxy |
| azure_network_traffic_analytics | Azure Network Traffic Analytics | detect | partial | T1090.001 | Internal Proxy |