ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
CVE
Google Cloud Platform (GCP)
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 8.2 Enterprise and Azure 06.29.2021.
Change versions here.
Home
Mapping Frameworks
Azure Home
Azure Policy Capability Group
Azure
Azure Policy
Capability Group
All Mappings
ATT&CK Version
8.2
ATT&CK Domain
Enterprise
Azure
06.29.2021
Change Versions
Capability ID
Capability Description
Category
Value
ATT&CK ID
ATT&CK Name
azure_policy
Azure Policy
protect
partial
T1190
Exploit Public-Facing Application
azure_policy
Azure Policy
protect
partial
T1133
External Remote Services
azure_policy
Azure Policy
protect
partial
T1590
Gather Victim Network Information
azure_policy
Azure Policy
protect
partial
T1590.002
DNS
azure_policy
Azure Policy
protect
partial
T1590.004
Network Topology
azure_policy
Azure Policy
protect
partial
T1590.005
IP Addresses
azure_policy
Azure Policy
protect
partial
T1590.006
Network Security Appliances
azure_policy
Azure Policy
protect
minimal
T1078
Valid Accounts
azure_policy
Azure Policy
protect
minimal
T1078.004
Cloud Accounts
azure_policy
Azure Policy
protect
minimal
T1098
Account Manipulation
azure_policy
Azure Policy
protect
minimal
T1098.001
Additional Cloud Credentials
azure_policy
Azure Policy
detect
minimal
T1525
Implant Container Image
azure_policy
Azure Policy
protect
partial
T1535
Unused/Unsupported Cloud Regions
azure_policy
Azure Policy
protect
minimal
T1505
Server Software Component
azure_policy
Azure Policy
protect
minimal
T1505.001
SQL Stored Procedures
azure_policy
Azure Policy
protect
minimal
T1068
Exploitation for Privilege Escalation
azure_policy
Azure Policy
protect
minimal
T1211
Exploitation for Defense Evasion
azure_policy
Azure Policy
protect
minimal
T1212
Exploitation for Credential Access
azure_policy
Azure Policy
protect
minimal
T1203
Exploitation for Client Execution
azure_policy
Azure Policy
protect
partial
T1110
Brute Force
azure_policy
Azure Policy
protect
partial
T1110.003
Password Spraying
azure_policy
Azure Policy
protect
partial
T1110.001
Password Guessing
azure_policy
Azure Policy
protect
partial
T1110.004
Credential Stuffing
azure_policy
Azure Policy
protect
partial
T1555
Credentials from Password Stores
azure_policy
Azure Policy
protect
partial
T1040
Network Sniffing
azure_policy
Azure Policy
protect
partial
T1580
Cloud Infrastructure Discovery
azure_policy
Azure Policy
protect
partial
T1538
Cloud Service Dashboard
azure_policy
Azure Policy
protect
partial
T1526
Cloud Service Discovery
azure_policy
Azure Policy
protect
minimal
T1210
Exploitation of Remote Services
azure_policy
Azure Policy
protect
minimal
T1021
Remote Services
azure_policy
Azure Policy
protect
minimal
T1021.001
Remote Desktop Protocol
azure_policy
Azure Policy
protect
minimal
T1021.004
SSH
azure_policy
Azure Policy
protect
partial
T1530
Data from Cloud Storage Object
azure_policy
Azure Policy
protect
minimal
T1071
Application Layer Protocol
azure_policy
Azure Policy
protect
minimal
T1071.004
DNS
azure_policy
Azure Policy
protect
minimal
T1537
Transfer Data to Cloud Account
azure_policy
Azure Policy
protect
minimal
T1485
Data Destruction
Capabilities
ATT&CK Version
8.2
ATT&CK Domain
Enterprise
Azure
06.29.2021
Change Versions
Capability ID
Capability Name
Number of Mappings
azure_policy
Azure Policy
37
