Firewall Rule Modification (d2ff4b56-8351-4ed8-b0fb-d8605366005f)

Changes made to a firewall rule, typically to allow/block specific network traffic (ex: Windows EID 4950 or Write/Delete entries within Azure Firewall Rule Collection Activity Logs)

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
Disable or Modify System Firewall - T1562.004 (5372c5fe-f424-4def-bcd5-d3a8e770f07b)	Attack Pattern	Firewall Rule Modification (d2ff4b56-8351-4ed8-b0fb-d8605366005f)	mitre-data-component	1
Firewall Rule Modification (d2ff4b56-8351-4ed8-b0fb-d8605366005f)	mitre-data-component	Disable or Modify Cloud Firewall - T1562.007 (77532a55-c283-4cd2-bc5d-2d0b65e9d88c)	Attack Pattern	1
Clear Network Connection History and Configurations - T1070.007 (3975dbb5-0e1e-4f5b-bae1-cf2ab84b46dc)	Attack Pattern	Firewall Rule Modification (d2ff4b56-8351-4ed8-b0fb-d8605366005f)	mitre-data-component	1
Indicator Removal - T1070 (799ace7f-e227-4411-baa0-8868704f2a69)	Attack Pattern	Firewall Rule Modification (d2ff4b56-8351-4ed8-b0fb-d8605366005f)	mitre-data-component	1
Firewall Rule Modification (d2ff4b56-8351-4ed8-b0fb-d8605366005f)	mitre-data-component	Impair Defenses - T1562 (3d333250-30e4-4a82-9edc-756c68afc529)	Attack Pattern	1
Disable or Modify System Firewall - T1562.004 (5372c5fe-f424-4def-bcd5-d3a8e770f07b)	Attack Pattern	Impair Defenses - T1562 (3d333250-30e4-4a82-9edc-756c68afc529)	Attack Pattern	2
Disable or Modify Cloud Firewall - T1562.007 (77532a55-c283-4cd2-bc5d-2d0b65e9d88c)	Attack Pattern	Impair Defenses - T1562 (3d333250-30e4-4a82-9edc-756c68afc529)	Attack Pattern	2
Clear Network Connection History and Configurations - T1070.007 (3975dbb5-0e1e-4f5b-bae1-cf2ab84b46dc)	Attack Pattern	Indicator Removal - T1070 (799ace7f-e227-4411-baa0-8868704f2a69)	Attack Pattern	2