| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name |
|---|---|---|---|---|
| EOP-Antimalware-E3 | Antimalware | Technique Scores | T1204.002 | Malicious File |
| EOP-Antimalware-E3 | Antimalware | Technique Scores | T1204 | User Execution |
| EOP-Antimalware-E3 | Antimalware | Technique Scores | T1566.001 | Spearphishing Attachment |
| EOP-Antimalware-E3 | Antimalware | Technique Scores | T1566 | Phishing |
| EOP-Antimalware-E3 | Antimalware | Technique Scores | T1080 | Taint Shared Content |
| EOP-Antimalware-E3 | Antimalware | Technique Scores | T1027 | Obfuscated Files or Information |
| EOP-Antimalware-E3 | Antimalware | Technique Scores | T1036 | Masquerading |
| EOP-Antimalware-E3 | Antimalware | Technique Scores | T1059.006 | Python |
| EOP-Antimalware-E3 | Antimalware | Technique Scores | T1059.001 | PowerShell |
| EOP-Antimalware-E3 | Antimalware | Technique Scores | T1059 | Command and Scripting Interpreter |
| EOP-Antimalware-E3 | Antimalware | Technique Scores | T1059.009 | Cloud API |