Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name | Notes |
---|---|---|---|---|---|---|
microsoft_antimalware_for_azure | Microsoft Antimalware for Azure | protect | minimal | T1566 | Phishing | |
microsoft_antimalware_for_azure | Microsoft Antimalware for Azure | detect | minimal | T1566 | Phishing | |
microsoft_antimalware_for_azure | Microsoft Antimalware for Azure | protect | minimal | T1566.001 | Spearphishing Attachment | This control may quarantine and/or delete any spearphishing attachment that has been downloaded and matches a malware signature. Customized malware without a matching signature may not generate an alert. |
microsoft_antimalware_for_azure | Microsoft Antimalware for Azure | detect | partial | T1566.001 | Spearphishing Attachment | This control may detect any spearphishing attachment that has been downloaded and matches a malware signature. Customized malware without a matching signature may not generate an alert. |
microsoft_antimalware_for_azure | Microsoft Antimalware for Azure | protect | minimal | T1204 | User Execution | |
microsoft_antimalware_for_azure | Microsoft Antimalware for Azure | protect | minimal | T1204.002 | Malicious File | This control monitors activity in cloud services and on virtual machines to block malware execution. This is dependent on a signature being available. |
microsoft_antimalware_for_azure | Microsoft Antimalware for Azure | detect | minimal | T1204.002 | Malicious File | This control monitors activity in cloud services and on virtual machines to detect malware execution. This is dependent on a signature being available. |
microsoft_antimalware_for_azure | Microsoft Antimalware for Azure | protect | minimal | T1105 | Ingress Tool Transfer | This control may scan created files for malware and proceed to quarantine and/or delete the file. This control is dependent on a signature being available. |
microsoft_antimalware_for_azure | Microsoft Antimalware for Azure | detect | minimal | T1105 | Ingress Tool Transfer | This control may scan created files for malware. This control is dependent on a signature being available. |
microsoft_antimalware_for_azure | Microsoft Antimalware for Azure | protect | minimal | T1027 | Obfuscated Files or Information | |
microsoft_antimalware_for_azure | Microsoft Antimalware for Azure | detect | minimal | T1027 | Obfuscated Files or Information | |
microsoft_antimalware_for_azure | Microsoft Antimalware for Azure | protect | minimal | T1027.002 | Software Packing | This control may quarantine and/or delete malware that has been packed by well-known software packing utilities. These utilities can provide signatures that apply to a variety of malware. |
microsoft_antimalware_for_azure | Microsoft Antimalware for Azure | detect | minimal | T1027.002 | Software Packing | This control may detect malware that has been packed by well-known software packing utilities. These utilities can provide signatures that apply to a variety of malware. |