M365 DO365-ATH-E5 Mappings

Advanced hunting is a query-based threat hunting tool that lets you explore up to 30 days of raw data. You can proactively inspect events in your network to locate threat indicators and entities. The flexible access to data enables unconstrained hunting for both known and potential threats.

Mappings

| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name |
| --- | --- | --- | --- | --- |
| DO365-ATH-E5 | Advanced Threat Hunting | Technique Scores | T1087 | Account Discovery |
| DO365-ATH-E5 | Advanced Threat Hunting | Technique Scores | T1087.004 | Cloud Account |
| DO365-ATH-E5 | Advanced Threat Hunting | Technique Scores | T1110 | Brute Force |
| DO365-ATH-E5 | Advanced Threat Hunting | Technique Scores | T1110.001 | Password Guessing |
| DO365-ATH-E5 | Advanced Threat Hunting | Technique Scores | T1110.002 | Password Cracking |
| DO365-ATH-E5 | Advanced Threat Hunting | Technique Scores | T1110.003 | Password Spraying |
| DO365-ATH-E5 | Advanced Threat Hunting | Technique Scores | T1110.004 | Credential Stuffing |
| DO365-ATH-E5 | Advanced Threat Hunting | Technique Scores | T1538 | Cloud Service Dashboard |
| DO365-ATH-E5 | Advanced Threat Hunting | Technique Scores | T1189 | Drive-by Compromise |
| DO365-ATH-E5 | Advanced Threat Hunting | Technique Scores | T1114 | Email Collection |
| DO365-ATH-E5 | Advanced Threat Hunting | Technique Scores | T1114.002 | Remote Email Collection |
| DO365-ATH-E5 | Advanced Threat Hunting | Technique Scores | T1546 | Event Triggered Execution |
| DO365-ATH-E5 | Advanced Threat Hunting | Technique Scores | T1567 | Exfiltration Over Web Service |
| DO365-ATH-E5 | Advanced Threat Hunting | Technique Scores | T1567.004 | Exfiltration Over Webhook |
| DO365-ATH-E5 | Advanced Threat Hunting | Technique Scores | T1048 | Exfiltration Over Alternative Protocol |
| DO365-ATH-E5 | Advanced Threat Hunting | Technique Scores | T1606 | Forge Web Credentials |
| DO365-ATH-E5 | Advanced Threat Hunting | Technique Scores | T1562 | Impair Defenses |
| DO365-ATH-E5 | Advanced Threat Hunting | Technique Scores | T1562.008 | Disable or Modify Cloud Logs |
| DO365-ATH-E5 | Advanced Threat Hunting | Technique Scores | T1534 | Internal Spearphishing |
| DO365-ATH-E5 | Advanced Threat Hunting | Technique Scores | T1556 | Modify Authentication Process |
| DO365-ATH-E5 | Advanced Threat Hunting | Technique Scores | T1556.006 | Multi-Factor Authentication |
| DO365-ATH-E5 | Advanced Threat Hunting | Technique Scores | T1621 | Multi-Factor Authentication Request Generation |
| DO365-ATH-E5 | Advanced Threat Hunting | Technique Scores | T1566 | Phishing |
| DO365-ATH-E5 | Advanced Threat Hunting | Technique Scores | T1566.002 | Spearphishing Link |
| DO365-ATH-E5 | Advanced Threat Hunting | Technique Scores | T1199 | Trusted Relationship |
| DO365-ATH-E5 | Advanced Threat Hunting | Technique Scores | T1552 | Unsecured Credentials |
| DO365-ATH-E5 | Advanced Threat Hunting | Technique Scores | T1078 | Valid Accounts |
| DO365-ATH-E5 | Advanced Threat Hunting | Technique Scores | T1078.004 | Cloud Accounts |