| Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|---|
| azure_private_link | Azure Private Link | protect | partial | T1557 | Man-in-the-Middle |
Comments
This control provides partial protection for this technique's sub-techniques resulting in an overall Partial score.
References
|
| azure_private_link | Azure Private Link | protect | partial | T1557.002 | ARP Cache Poisoning |
Comments
This control reduces the likelihood of MiTM for traffic between remote users, cloud, and 3rd parties by routing the traffic via the Microsoft backbone rather than over the Internet.
References
|
| azure_private_link | Azure Private Link | protect | partial | T1557.001 | LLMNR/NBT-NS Poisoning and SMB Relay |
Comments
This control reduces the likelihood of MiTM for traffic between remote users, cloud, and 3rd parties by routing the traffic via the Microsoft backbone rather than over the Internet.
References
|
| azure_private_link | Azure Private Link | protect | minimal | T1565 | Data Manipulation |
Comments
This control provides partial protection for one of this technique's sub-techniques resulting in an overall Minimal score.
References
|
| azure_private_link | Azure Private Link | protect | partial | T1565.002 | Transmitted Data Manipulation |
Comments
This control reduces the likelihood of data manipulation for traffic between remote users, cloud, and 3rd parties by routing the traffic via the Microsoft backbone rather than over the Internet.
References
|
| azure_private_link | Azure Private Link | protect | partial | T1499 | Endpoint Denial of Service |
Comments
Prevents Denial of Service (DOS) against systems that would otherwise need to connect via an internet-traversing path (coverage partial, since doesn't apply to systems that must be directly exposed to the Internet)
References
|
| azure_private_link | Azure Private Link | protect | partial | T1499.004 | Application or System Exploitation | |
| azure_private_link | Azure Private Link | protect | partial | T1499.003 | Application Exhaustion Flood | |
| azure_private_link | Azure Private Link | protect | partial | T1499.002 | Service Exhaustion Flood | |
| azure_private_link | Azure Private Link | protect | partial | T1499.001 | OS Exhaustion Flood | |
| azure_private_link | Azure Private Link | protect | partial | T1498 | Network Denial of Service |
Comments
Prevents Denial of Service (DOS) against systems that would otherwise need to connect via an internet-traversing path (coverage partial, since doesn't apply to systems that must be directly exposed to the Internet)
References
|
| azure_private_link | Azure Private Link | protect | partial | T1498.002 | Reflection Amplification | |
| azure_private_link | Azure Private Link | protect | partial | T1498.001 | Direct Network Flood | |
| azure_private_link | Azure Private Link | protect | partial | T1040 | Network Sniffing |
Comments
This control reduces the likelihood of a network sniffing attack for traffic between remote users, cloud, and 3rd parties by routing the traffic via the Microsoft backbone rather than over the Internet.
References
|
| Capability ID | Capability Name | Number of Mappings |
|---|---|---|
| azure_private_link | Azure Private Link | 14 |