Azure Threat Research Matrix


In this article, I will share with you the Azure Threat Research Matrix. The purpose of the Azure Threat Research Matrix (ATRM) is to conceptualize the known tactics, techniques, and procedures (TTP) that adversaries may use against the Azure platform. Inspired from MITRE ATT&CK, ATRM is designed to give quick insight into a potential TTP that an adversary may be using in their attack campaign.

In comparison to MITRE ATT&CK, Azure does not have the same capabilities for some of the tactics, e.g. Initial Access. While some tactics in ATT&CK may pertain to Azure, the ATRM is meant to be specific within Azure AD and Azure Resources.



Démarrez une conversation

Votre adresse e-mail ne sera pas publiée. Les champs obligatoires sont indiqués avec *