microsoft, it, independent, windows server 2008, vista, annual salary survey, it managers, windows 7, exchange, sql, sharepoint, sbs server, scripting, microsoft, android

Microsoft this week described an Azure Threat Research Matrix for documenting tactics, techniques or procedures (TTPs) used against Azure services, including the Azure Active Directory service.

The newly announced Azure Threat Research Matrix is said to be “inspired from MITRE ATT&CK,” a documentation framework that’s used to catalog TTPs for Enterprise IT Systems and Mobile instances. However, Microsoft doesn’t think that the current Mitre ATT&CK approach is specific enough for Azure, as just “some tactics in ATT&CK may pertain.”

The Mitre Corp. has its own characterization of Mitre ATT&CK, as listed in its FAQ document. Its Enterprise IT Systems and Mobile documentation includes a bunch of items, including the Azure Active Directory service.

Here’s Mitre’s TTP documentation list:

  • Windows, macOS, Linux, Network infrastructure devices (Network), and Container technologies (Containers);
  • Cloud systems covering Infrastructure-as-a-Service (IaaS), Software-as-a-Service (SaaS), Office 365, Azure Active Directory (Azure AD), and Google Workspace;
  • Mobile devices covering Android and iOS.

Microsoft’s Rationale
Readers of Microsoft’s announcement had suggested that Microsoft should just stick with Mitre ATT&CK for Azure. In response, Ryan Hausknecht, a Microsoft Tech Community employee, offered some reasons why Microsoft was creating an alternative.

Microsoft doesn’t think Mitre ATT&CK is sufficient for Azure because Mitre prefers to just document TTPs that are used by an advanced persistent threat (APT) groups, Hausknecht explained. He added that Microsoft thinks it is best suited to provide information about potential Azure risks:

We felt as though since we own Azure/AAD, it is our responsibility to inform of the potential risks when using the platform. Nothing out of the box about Azure is inherently vulnerable, but there’s some very easy configuration slip-ups that can have a detrimental impact on a tenant. Thus, we figured there should be no one better than to document on potential defensive suggestions + best practices than us.

Hausknecht also said that “the MITRE matrix for AAD is very high level and does not go into specificities.”

Some Mitre ATT&CK descriptions do apply, Microsoft admitted, such as techniques associated with “hybrid-joined devices” and the Azure Active Directory service. In such cases, Microsoft isn’t including them in its Azure Threat Research Matrix.

“The intent of the ATRM is not to replace MITRE ATT&CK, but to rather be an alternative for pure Azure Resource & Azure AD TTPs,” the announcement clarified.

Microsoft Seeks Community Support
Microsoft wants to get the “greater security community’s input” on the Azure Threat Research Matrix, which “is being released under the MIT license and hosted on GitHub.” The Azure Threat Research Matrix won’t be wholly transparent, though, as Microsoft will obscure parts of the commands used for attacks.

“While the commands are also listed to show how to abuse a given technique, certain parts are omitted or obfuscated to prevent malicious abuse,” the announcement clarified.

On the Windows side, Microsoft currently uses the Mitre ATT&CK framework to describe “update Tuesday” software vulnerabilities in its monthly Security Update Guide documents. Security bulletins in the Security Update Guide sometimes contain detailed explanations, but they mostly lean toward providing short generic descriptions bereft of information.

Mitre Corp. is a U.S. nonprofit organization that provides overall “engineering and technical guidance for the federal government,” according to its history page description. It has military-academic roots from Massachusetts Institute of Technology work during World War II.

About the Author

Kurt Mackie is senior news producer for 1105 Media’s Converge360 group.

TECH NEWS RELATED

Excel Hyperlink Not Working? Here’s How to Fix It

It isn’t uncommon for hyperlinks in Excel to not work. Excel offers the feature of establishing a link between certain locations on either the web or your device. However, sometimes this tool does not work as you expect. When this happens, you can expect a dialog box alerting you ...

View more: Excel Hyperlink Not Working? Here’s How to Fix It

Solved: The Update is Not Applicable to Your Computer (10 Proven Ways)

If you are performing a manual installation of updates from Microsoft, you may face the error “The update is not applicable to your computer“. This generally happens when trying to install updates KB2919355 or KB4048955 on your computer. There are several reasons why this happens. Trying to install incompatible ...

View more: Solved: The Update is Not Applicable to Your Computer (10 Proven Ways)

Fix: Microsoft Excel Is Waiting for Another Application to Complete an OLE Action

You can come across the “Microsoft excel is waiting for another application to complete an ole action” error message while working with other applications such as Word or other in Excel. Generally, this happens when Excel doesn’t receive the required data from the other app it is interacting within ...

View more: Fix: Microsoft Excel Is Waiting for Another Application to Complete an OLE Action

Lenovo Ideapad Slim 3 (2021) Review: A House Without a View

Portable computing is not wanton spending anymore, it’s basically a requirement and requires careful deliberation. With the laptop market chock full of companies and laptop models, it’s difficult to filter through the noise. Even more difficult is finding a laptop that doesn’t break the bank while working without problems. While ...

View more: Lenovo Ideapad Slim 3 (2021) Review: A House Without a View

Parallels Desktop 18 for Mac Features Improved Windows Apps, Xbox, and PS4 Experience

A new Parallels Desktop 18 for Mac has been released, providing better compatibility for Windows apps and gaming controllers. Parallels’ latest version, which is now available on the market, showcases the capability of their software to run over 200,000 Windows applications and classic games. The new version of Parallels ...

View more: Parallels Desktop 18 for Mac Features Improved Windows Apps, Xbox, and PS4 Experience

A White Xbox Elite Series 2 Controller Seems to Be on the Way

Microsoft is yet to confirm the controller exists.

View more: A White Xbox Elite Series 2 Controller Seems to Be on the Way

10 Best Data Recovery Software for Windows 11 Free (2022)

Let’s admit it, data loss can happen, especially if you’re using an operating system like Windows 11. Microsoft’s Windows 11 may be the most good-looking operating system, but it has many flaws. Not only has Microsoft upped the requirements for Windows 11, but it has also removed certain features. ...

View more: 10 Best Data Recovery Software for Windows 11 Free (2022)

Apple Wants Passkeys to Replace Passwords: Here's Where You Can Try Them Out Now With iOS 16

Apple is on a mission to get rid of traditional passwords for good, and a step towards that future is something called “Passkeys.” Passkeys aim to entirely replace passwords in both apps and on the web and instead use either your finger or face as the password. Passkeys are part ...

View more: Apple Wants Passkeys to Replace Passwords: Here's Where You Can Try Them Out Now With iOS 16

West Midlands Combined Authority and Microsoft enter digital skills partnership

How to Insert Page Numbers in Word without Losing the Header or Footer?

The best action-adventure games on PC in 2022

Issues with opening XPS files in Windows 10/11 were confirmed

Windows 11 gaming improvements coming with Parallels Desktop 18

SD Gundam Battle Alliance will have different features based on the platform

Microsoft onboards ONDC to launch shopping app for Indian consumers

You can now explore No Man’s Sky without a graphics card

Microsoft Add Windows 10 Universal Print Capabilities

How to Fix “Trusted Platform Module Has Malfunctioned” Error in Windows

Xbox Series S to Get Performance Boost

Call of Duty: Modern Warfare II, Warzone reveals coming September 15

OTHER TECH NEWS

Top Car News Car News