| Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|---|
| ME-MFA-E3 | Multi-factor Authentication | protect | significant | T1078.004 | Cloud Accounts |
Comments
Requiring the use of MFA for all users can significantly reduce the likelihood of adversaries gaining access to the environment's cloud accounts.
References
|
| ME-MFA-E3 | Multi-factor Authentication | protect | partial | T1136.003 | Cloud Account |
Comments
Requiring the use of MFA along with conditional access policies may reduce the likelihood of adversaries making modifications, such as creating cloud accounts.
References
|
| ME-MFA-E3 | Multi-factor Authentication | T1098.002 | Additional Email Delegate Permissions |
Comments
Requiring the use of MFA along with conditional access policies may reduce the likelihood of adversaries making modifications, such as changes to email delegate permissions.
References
|
||
| ME-MFA-E3 | Multi-factor Authentication | protect | partial | T1098.003 | Additional Cloud Roles |
Comments
Requiring the use of MFA along with conditional access policies may reduce the likelihood of adversaries making credential modifications, administrator changes, account manipulation, changes to permissions, etc.
References
|
| ME-MFA-E3 | Multi-factor Authentication | protect | partial | T1098.001 | Additional Cloud Credentials |
Comments
Requiring the use of MFA along with conditional access policies may reduce the likelihood of adversaries making credential modifications, administrator changes, account manipulation, changes to permissions, etc.
References
|
| ME-MFA-E3 | Multi-factor Authentication | protect | minimal | T1098 | Account Manipulation |
Comments
Requiring the use of MFA along with conditional access policies may reduce the likelihood of adversaries making credential modifications, administrator changes, account manipulation, changes to permissions, etc.
References
|
| ME-MFA-E3 | Multi-factor Authentication | protect | significant | T1110.004 | Credential Stuffing |
Comments
MFA can significantly reduce the impact of a password spraying, requiring the adversary to complete an additional authentication method before access is permitted. Based on studies, your account is less likely to get compromised by 99.9% by enabling MFA against the following techniques: phishing, brute force, credential stuffing, key logging, etc.
References
|
| ME-MFA-E3 | Multi-factor Authentication | T1110.003 | Password Spraying |
Comments
MFA can significantly reduce the impact of a password spraying, requiring the adversary to complete an additional authentication method before access is permitted. Based on studies, your account is less likely to get compromised by 99.9% by enabling MFA against the following techniques: phishing, brute force, credential stuffing, key logging, etc.
References
|
||
| ME-MFA-E3 | Multi-factor Authentication | protect | significant | T1110.002 | Password Cracking |
Comments
MFA can significantly reduce the impact of a password cracking, requiring the adversary to complete an additional authentication method before access is permitted. Based on studies, your account is less likely to get compromised by 99.9% by enabling MFA against the following techniques, for example: phishing, brute force, credential stuffing, key logging, etc.
References
|
| ME-MFA-E3 | Multi-factor Authentication | protect | significant | T1136.003 | Cloud Account |
Comments
MFA can significantly reduce the impact from adversaries creating accounts by requiring an additional authentication method for verification (e.g., Microsoft Authenticator, Authenticator Lite (in Outlook), Windows Hello for Business, FIDO2 security key, OATH hardware token (preview), OATH software token, SMS, Voice call, etc.)
References
|
| ME-MFA-E3 | Multi-factor Authentication | protect | significant | T1110.001 | Password Guessing |
Comments
MFA can significantly reduce the impact of a password compromise, requiring the adversary to complete an additional authentication method before access is permitted.
References
|
| ME-MFA-E3 | Multi-factor Authentication | protect | significant | T1110 | Brute Force |
Comments
MFA provides significant protection against password compromises, requiring the adversary to complete an additional authentication method before their access is permitted.
References
|
| ME-MFA-E3 | Multi-factor Authentication | protect | T1566.001 | Spearphishing Attachment |
Comments
MFA provides significant/partial/minimal security protection against phishing tactics and related sub-techniques.
References
|
|
| ME-MFA-E3 | Multi-factor Authentication | protect | T1566.002 | Spearphishing Link |
Comments
MFA provides significant/partial/minimal security protection against phishing tactics and related sub-techniques.
References
|
|
| ME-MFA-E3 | Multi-factor Authentication | protect | significant | T1566 | Phishing |
Comments
MFA provides significant/partial/minimal security protection against phishing tactics and related sub-techniques.
References
|
| ME-MFA-E3 | Multi-factor Authentication | protect | significant | T1530 | Data from Cloud Storage |
Comments
MFA provides significant protection by enforcing and restricting access to resources (e.g., cloud storage, APIs, etc.).
References
|