M365 DEF-SECA-E3 Mappings

Microsoft Defender for Identity security alerts explain which suspicious activities were identified on your network and the actors and computers involved in the threats. Each alert is designed to help you quickly understand exactly what is happening on your network.

Mappings

| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name |
| --- | --- | --- | --- | --- |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1011 | Exfiltration Over Other Network Medium |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1550.002 | Pass the Hash |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1557.001 | LLMNR/NBT-NS Poisoning and SMB Relay |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1550 | Use Alternate Authentication Material |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1557 | Adversary-in-the-Middle |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1606 | Forge Web Credentials |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1187 | Forced Authentication |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1552.004 | Private Keys |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1003.006 | DCSync |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1003 | OS Credential Dumping |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1134.001 | Token Impersonation/Theft |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1134 | Access Token Manipulation |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1558.004 | AS-REP Roasting |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1558.003 | Kerberoasting |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1555 | Credentials from Password Stores |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1558.001 | Golden Ticket |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1110.003 | Password Spraying |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1110.001 | Password Guessing |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1110 | Brute Force |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1484.001 | Group Policy Modification |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1078 | Valid Accounts |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1484 | Domain Policy Modification |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1134.005 | SID-History Injection |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1134 | Access Token Manipulation |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1484 | Domain Policy Modification |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1098 | Account Manipulation |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1556.001 | Domain Controller Authentication |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1556 | Modify Authentication Process |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1210 | Exploitation of Remote Services |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1068 | Exploitation for Privilege Escalation |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1558.001 | Golden Ticket |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1558 | Steal or Forge Kerberos Tickets |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1134.001 | Token Impersonation/Theft |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1202 | Indirect Command Execution |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1069.002 | Domain Groups |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1069 | Permission Groups Discovery |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1049 | System Network Connections Discovery |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1018 | Remote System Discovery |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1046 | Network Service Discovery |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1087 | Account Discovery |
| DEF-SECA-E3 | Security Alerts | Technique Scores | T1087.002 | Domain Account |