Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name |
---|---|---|---|---|---|
alerts_for_dns | Alerts for DNS | detect | partial | T1568 | Dynamic Resolution |
alerts_for_dns | Alerts for DNS | detect | partial | T1568.001 | Fast Flux DNS |
alerts_for_dns | Alerts for DNS | detect | partial | T1568.002 | Domain Generation Algorithms |
alerts_for_dns | Alerts for DNS | detect | minimal | T1071 | Application Layer Protocol |
alerts_for_dns | Alerts for DNS | detect | significant | T1071.004 | DNS |
alerts_for_dns | Alerts for DNS | detect | minimal | T1572 | Protocol Tunneling |
alerts_for_dns | Alerts for DNS | detect | minimal | T1090 | Proxy |
alerts_for_dns | Alerts for DNS | detect | minimal | T1048 | Exfiltration Over Alternative Protocol |
Capability ID | Capability Name | Number of Mappings |
---|---|---|
alerts_for_dns | Alerts for DNS | 8 |