Microsoft Antimalware for Azure is a free real-time protection that helps identify and remove viruses, spyware, and other malicious software. It generates alerts when known malicious or unwanted software tries to install itself or run on your Azure systems.
| Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|---|
| microsoft_antimalware_for_azure | Microsoft Antimalware for Azure | protect | minimal | T1566 | Phishing | |
| microsoft_antimalware_for_azure | Microsoft Antimalware for Azure | detect | minimal | T1566 | Phishing | |
| microsoft_antimalware_for_azure | Microsoft Antimalware for Azure | protect | minimal | T1566.001 | Spearphishing Attachment |
Comments
This control may quarantine and/or delete any spearphishing attachment that has been downloaded and matches a malware signature. Customized malware without a matching signature may not generate an alert.
References
|
| microsoft_antimalware_for_azure | Microsoft Antimalware for Azure | detect | partial | T1566.001 | Spearphishing Attachment |
Comments
This control may detect any spearphishing attachment that has been downloaded and matches a malware signature. Customized malware without a matching signature may not generate an alert.
References
|
| microsoft_antimalware_for_azure | Microsoft Antimalware for Azure | protect | minimal | T1204 | User Execution | |
| microsoft_antimalware_for_azure | Microsoft Antimalware for Azure | protect | minimal | T1204.002 | Malicious File |
Comments
This control monitors activity in cloud services and on virtual machines to block malware execution. This is dependent on a signature being available.
References
|
| microsoft_antimalware_for_azure | Microsoft Antimalware for Azure | detect | minimal | T1204.002 | Malicious File |
Comments
This control monitors activity in cloud services and on virtual machines to detect malware execution. This is dependent on a signature being available.
References
|
| microsoft_antimalware_for_azure | Microsoft Antimalware for Azure | protect | minimal | T1105 | Ingress Tool Transfer |
Comments
This control may scan created files for malware and proceed to quarantine and/or delete the file. This control is dependent on a signature being available.
References
|
| microsoft_antimalware_for_azure | Microsoft Antimalware for Azure | detect | minimal | T1105 | Ingress Tool Transfer |
Comments
This control may scan created files for malware. This control is dependent on a signature being available.
References
|
| microsoft_antimalware_for_azure | Microsoft Antimalware for Azure | protect | minimal | T1027 | Obfuscated Files or Information | |
| microsoft_antimalware_for_azure | Microsoft Antimalware for Azure | detect | minimal | T1027 | Obfuscated Files or Information | |
| microsoft_antimalware_for_azure | Microsoft Antimalware for Azure | protect | minimal | T1027.002 | Software Packing |
Comments
This control may quarantine and/or delete malware that has been packed by well known software packing utilities. These utilities can provide signatures that apply to a variety of malware.
References
|
| microsoft_antimalware_for_azure | Microsoft Antimalware for Azure | detect | minimal | T1027.002 | Software Packing |
Comments
This control may detect malware that has been packed by well known software packing utilities. These utilities can provide signatures that apply to a variety of malware.
References
|