1. Home
  2. Mapping Frameworks
  3. Azure Home
  4. Azure AD Multi-Factor Authentication Capability Group

Azure Azure AD Multi-Factor Authentication Capability Group

All Mappings

Capability ID Capability Description Category Value ATT&CK ID ATT&CK Name Notes
azure_ad_multi-factor_authentication Azure AD Multi-Factor Authentication protect significant T1110 Brute Force
Comments
MFA provides significant protection against password compromises, requiring the adversary to complete an additional authentication method before their access is permitted.
References
  1. https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-mfa-howitworks
azure_ad_multi-factor_authentication Azure AD Multi-Factor Authentication protect significant T1110.001 Password Guessing
Comments
MFA can significantly reduce the impact of a password compromise, requiring the adversary to complete an additional authentication method before their access is permitted.
References
    azure_ad_multi-factor_authentication Azure AD Multi-Factor Authentication protect significant T1110.003 Password Spraying
    Comments
    MFA can significantly reduce the impact of a password compromise, requiring the adversary to complete an additional authentication method before their access is permitted.
    References
      azure_ad_multi-factor_authentication Azure AD Multi-Factor Authentication protect significant T1110.004 Credential Stuffing
      Comments
      MFA can significantly reduce the impact of a password compromise, requiring the adversary to complete an additional authentication method before their access is permitted.
      References
        azure_ad_multi-factor_authentication Azure AD Multi-Factor Authentication protect minimal T1078 Valid Accounts
        Comments
        This control only protects cloud accounts and therefore its overall protection coverage is Minimal.
        References
        1. https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-mfa-howitworks
        azure_ad_multi-factor_authentication Azure AD Multi-Factor Authentication protect partial T1078.004 Cloud Accounts
        Comments
        MFA can provide protection against an adversary that obtains valid credentials by requiring the adversary to complete an additional authentication process before access is permitted. This is an incomplete protection measure though as the adversary may also have obtained credentials enabling bypassing the additional authentication method.
        References

          Capabilities

          Capability ID Capability Name Number of Mappings
          azure_ad_multi-factor_authentication Azure AD Multi-Factor Authentication 6