Azure azure_policy Mappings

Azure Policy evaluates resources in Azure by comparing the properties of those resources to business rules. These business rules, described in JSON format, are known as policy definitions. Azure Policy helps to enforce organizational standards and to assess compliance at scale.

Mappings

| Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name |
|---|---|---|---|---|---|
| azure_policy | Azure Policy | protect | partial | T1190 | Exploit Public-Facing Application |
| azure_policy | Azure Policy | protect | partial | T1133 | External Remote Services |
| azure_policy | Azure Policy | protect | partial | T1590 | Gather Victim Network Information |
| azure_policy | Azure Policy | protect | partial | T1590.002 | DNS |
| azure_policy | Azure Policy | protect | partial | T1590.004 | Network Topology |
| azure_policy | Azure Policy | protect | partial | T1590.005 | IP Addresses |
| azure_policy | Azure Policy | protect | partial | T1590.006 | Network Security Appliances |
| azure_policy | Azure Policy | protect | minimal | T1078 | Valid Accounts |
| azure_policy | Azure Policy | protect | minimal | T1078.004 | Cloud Accounts |
| azure_policy | Azure Policy | protect | minimal | T1098 | Account Manipulation |
| azure_policy | Azure Policy | protect | minimal | T1098.001 | Additional Cloud Credentials |
| azure_policy | Azure Policy | detect | minimal | T1525 | Implant Container Image |
| azure_policy | Azure Policy | protect | partial | T1535 | Unused/Unsupported Cloud Regions |
| azure_policy | Azure Policy | protect | minimal | T1505 | Server Software Component |
| azure_policy | Azure Policy | protect | minimal | T1505.001 | SQL Stored Procedures |
| azure_policy | Azure Policy | protect | minimal | T1068 | Exploitation for Privilege Escalation |
| azure_policy | Azure Policy | protect | minimal | T1211 | Exploitation for Defense Evasion |
| azure_policy | Azure Policy | protect | minimal | T1212 | Exploitation for Credential Access |
| azure_policy | Azure Policy | protect | minimal | T1203 | Exploitation for Client Execution |
| azure_policy | Azure Policy | protect | partial | T1110 | Brute Force |
| azure_policy | Azure Policy | protect | partial | T1110.003 | Password Spraying |
| azure_policy | Azure Policy | protect | partial | T1110.001 | Password Guessing |
| azure_policy | Azure Policy | protect | partial | T1110.004 | Credential Stuffing |
| azure_policy | Azure Policy | protect | partial | T1555 | Credentials from Password Stores |
| azure_policy | Azure Policy | protect | partial | T1040 | Network Sniffing |
| azure_policy | Azure Policy | protect | partial | T1580 | Cloud Infrastructure Discovery |
| azure_policy | Azure Policy | protect | partial | T1538 | Cloud Service Dashboard |
| azure_policy | Azure Policy | protect | partial | T1526 | Cloud Service Discovery |
| azure_policy | Azure Policy | protect | minimal | T1210 | Exploitation of Remote Services |
| azure_policy | Azure Policy | protect | minimal | T1021 | Remote Services |
| azure_policy | Azure Policy | protect | minimal | T1021.001 | Remote Desktop Protocol |
| azure_policy | Azure Policy | protect | minimal | T1021.004 | SSH |
| azure_policy | Azure Policy | protect | partial | T1530 | Data from Cloud Storage Object |
| azure_policy | Azure Policy | protect | minimal | T1071 | Application Layer Protocol |
| azure_policy | Azure Policy | protect | minimal | T1071.004 | DNS |
| azure_policy | Azure Policy | protect | minimal | T1537 | Transfer Data to Cloud Account |
| azure_policy | Azure Policy | protect | minimal | T1485 | Data Destruction |