M365 Microsoft Entra ID Capability Group

All Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
ME-RBAC-E3 Role Based Access Control Technique Scores T1078.001 Default Accounts
ME-RBAC-E3 Role Based Access Control Technique Scores T1213.002 Sharepoint
ME-RBAC-E3 Role Based Access Control Technique Scores T1213 Data from Information Repositories
ME-RBAC-E3 Role Based Access Control Technique Scores T1199 Trusted Relationship
ME-RBAC-E3 Role Based Access Control Technique Scores T1562.008 Disable or Modify Cloud Logs
ME-RBAC-E3 Role Based Access Control Technique Scores T1562 Impair Defenses
ME-RBAC-E3 Role Based Access Control Technique Scores T1530 Data from Cloud Storage
ME-RBAC-E3 Role Based Access Control Technique Scores T1484.002 Domain Trust Modification
ME-RBAC-E3 Role Based Access Control Technique Scores T1484 Domain Policy Modification
ME-RBAC-E3 Role Based Access Control Technique Scores T1556.007 Hybrid Identity
ME-RBAC-E3 Role Based Access Control Technique Scores T1556.006 Multi-Factor Authentication
ME-RBAC-E3 Role Based Access Control Technique Scores T1556 Modify Authentication Process
ME-RBAC-E3 Role Based Access Control Technique Scores T1648 Serverless Execution
ME-RBAC-E3 Role Based Access Control Technique Scores T1059.009 Cloud API
ME-RBAC-E3 Role Based Access Control Technique Scores T1059 Command and Scripting Interpreter
ME-RBAC-E3 Role Based Access Control Technique Scores T1651 Cloud Administration Command
ME-RBAC-E3 Role Based Access Control Technique Scores T1528 Steal Application Access Token
ME-RBAC-E3 Role Based Access Control Technique Scores T1538 Cloud Service Dashboard
ME-RBAC-E3 Role Based Access Control Technique Scores T1098.003 Additional Cloud Roles
ME-RBAC-E3 Role Based Access Control Technique Scores T1098.001 Additional Cloud Credentials
ME-RBAC-E3 Role Based Access Control Technique Scores T1098 Account Manipulation
ME-RBAC-E3 Role Based Access Control Technique Scores T1136.003 Cloud Account
ME-RBAC-E3 Role Based Access Control Technique Scores T1136 Create Account
ME-RBAC-E3 Role Based Access Control Technique Scores T1078.004 Cloud Accounts
ME-RBAC-E3 Role Based Access Control Technique Scores T1078 Valid Accounts
ME-RBAC-E3 Role Based Access Control Technique Scores T1087.004 Cloud Account
ME-RBAC-E3 Role Based Access Control Technique Scores T1087 Account Discovery
ME-RBAC-E3 Role Based Access Control Technique Scores T1548.005 Temporary Elevated Cloud Access
ME-PWA-E3 Passwordless Authentication Technique Scores T1539 Steal Web Session Cookie
ME-PWA-E3 Passwordless Authentication Technique Scores T1021.007 Cloud Services
ME-PWA-E3 Passwordless Authentication Technique Scores T1110.004 Credential Stuffing
ME-PWA-E3 Passwordless Authentication Technique Scores T1110.003 Password Spraying
ME-PWA-E3 Passwordless Authentication Technique Scores T1110.002 Password Cracking
ME-PWA-E3 Passwordless Authentication Technique Scores T1110.001 Password Guessing
ME-PWA-E3 Passwordless Authentication Technique Scores T1110 Brute Force
ME-PWA-E3 Passwordless Authentication Technique Scores T1136.003 Cloud Account
ME-PWA-E3 Passwordless Authentication Technique Scores T1098.001 Additional Cloud Credentials
ME-PWA-E3 Passwordless Authentication Technique Scores T1098.003 Additional Cloud Roles
ME-PWA-E3 Passwordless Authentication Technique Scores T1531 Account Access Removal
ME-PWA-E3 Passwordless Authentication Technique Scores T1078.004 Cloud Accounts
ME-PWP-E3 Password Policy Technique Scores T1586.003 Cloud Accounts
ME-PWP-E3 Password Policy Technique Scores T1110.004 Credential Stuffing
ME-PWP-E3 Password Policy Technique Scores T1110.003 Password Spraying
ME-PWP-E3 Password Policy Technique Scores T1110.002 Password Cracking
ME-PWP-E3 Password Policy Technique Scores T1110.001 Password Guessing
ME-PWP-E3 Password Policy Technique Scores T1078 Valid Accounts
ME-PWP-E3 Password Policy Technique Scores T1110 Brute Force
ME-PIM-E5 Privileged Identity Management Technique Scores T1098.003 Additional Cloud Roles
ME-PIM-E5 Privileged Identity Management Technique Scores T1098 Account Manipulation
ME-PIM-E5 Privileged Identity Management Technique Scores T1651 Cloud Administration Command
ME-PIM-E5 Privileged Identity Management Technique Scores T1098.003 Additional Cloud Roles
ME-PIM-E5 Privileged Identity Management Technique Scores T1098.001 Additional Cloud Credentials
ME-PIM-E5 Privileged Identity Management Technique Scores T1098 Account Manipulation
ME-PIM-E5 Privileged Identity Management Technique Scores T1136.003 Cloud Account
ME-PIM-E5 Privileged Identity Management Technique Scores T1136 Create Account
ME-PIM-E5 Privileged Identity Management Technique Scores T1078.004 Cloud Accounts
ME-PIM-E5 Privileged Identity Management Technique Scores T1078 Valid Accounts
ME-PIM-E5 Privileged Identity Management Technique Scores T1556.007 Hybrid Identity
ME-PIM-E5 Privileged Identity Management Technique Scores T1556.006 Multi-Factor Authentication
ME-PIM-E5 Privileged Identity Management Technique Scores T1556 Modify Authentication Process
ME-PP-E3 Password Protection Technique Scores T1586.003 Cloud Accounts
ME-PP-E3 Password Protection Technique Scores T1078 Valid Accounts
ME-PP-E3 Password Protection Technique Scores T1110.004 Credential Stuffing
ME-PP-E3 Password Protection Technique Scores T1110.003 Password Spraying
ME-PP-E3 Password Protection Technique Scores T1110 Brute Force
ME-MFA-E3 Multi-factor Authentication Technique Scores T1078.004 Cloud Accounts
ME-MFA-E3 Multi-factor Authentication Technique Scores T1136.003 Cloud Account
ME-MFA-E3 Multi-factor Authentication Technique Scores T1098.002 Additional Email Delegate Permissions
ME-MFA-E3 Multi-factor Authentication Technique Scores T1098.003 Additional Cloud Roles
ME-MFA-E3 Multi-factor Authentication Technique Scores T1098.001 Additional Cloud Credentials
ME-MFA-E3 Multi-factor Authentication Technique Scores T1098 Account Manipulation
ME-MFA-E3 Multi-factor Authentication Technique Scores T1110.004 Credential Stuffing
ME-MFA-E3 Multi-factor Authentication Technique Scores T1110.003 Password Spraying
ME-MFA-E3 Multi-factor Authentication Technique Scores T1110.002 Password Cracking
ME-MFA-E3 Multi-factor Authentication Technique Scores T1136.003 Cloud Account
ME-MFA-E3 Multi-factor Authentication Technique Scores T1110.001 Password Guessing
ME-MFA-E3 Multi-factor Authentication Technique Scores T1110 Brute Force
ME-MFA-E3 Multi-factor Authentication Technique Scores T1566.001 Spearphishing Attachment
ME-MFA-E3 Multi-factor Authentication Technique Scores T1566.002 Spearphishing Link
ME-MFA-E3 Multi-factor Authentication Technique Scores T1566 Phishing
ME-MFA-E3 Multi-factor Authentication Technique Scores T1530 Data from Cloud Storage
ME-IP-E5 Identity Protection Technique Scores T1098.003 Additional Cloud Roles
ME-IP-E5 Identity Protection Technique Scores T1098.001 Additional Cloud Credentials
ME-IP-E5 Identity Protection Technique Scores T1098 Account Manipulation
ME-IP-E5 Identity Protection Technique Scores T1110.004 Credential Stuffing
ME-IP-E5 Identity Protection Technique Scores T1110.003 Password Spraying
ME-IP-E5 Identity Protection Technique Scores T1110.002 Password Cracking
ME-IP-E5 Identity Protection Technique Scores T1110.001 Password Guessing
ME-IP-E5 Identity Protection Technique Scores T1110 Brute Force
ME-IP-E5 Identity Protection Technique Scores T1621 Multi-Factor Authentication Request Generation
ME-IP-E5 Identity Protection Technique Scores T1556.006 Multi-Factor Authentication
ME-IP-E5 Identity Protection Technique Scores T1556 Modify Authentication Process
ME-IP-E5 Identity Protection Technique Scores T1586.003 Cloud Accounts
ME-IP-E5 Identity Protection Technique Scores T1078 Valid Accounts
ME-CAE-E3 Conditional Access Evaluation Technique Scores T1556.006 Multi-Factor Authentication
ME-CAE-E3 Conditional Access Evaluation Technique Scores T1134.001 Token Impersonation/Theft
ME-CAE-E3 Conditional Access Evaluation Technique Scores T1098.006 Additional Container Cluster Roles
ME-CAE-E3 Conditional Access Evaluation Technique Scores T1098.003 Additional Cloud Roles
ME-CAE-E3 Conditional Access Evaluation Technique Scores T1548.005 Temporary Elevated Cloud Access
ME-CAE-E3 Conditional Access Evaluation Technique Scores T1110 Brute Force
ME-CAE-E3 Conditional Access Evaluation Technique Scores T1585.003 Cloud Accounts
ME-CAE-E3 Conditional Access Evaluation Technique Scores T1585.002 Email Accounts
ME-CAE-E3 Conditional Access Evaluation Technique Scores T1585 Establish Accounts
ME-CAE-E3 Conditional Access Evaluation Technique Scores T1651 Cloud Administration Command
ME-CAE-E3 Conditional Access Evaluation Technique Scores T1114 Email Collection
ME-CAE-E3 Conditional Access Evaluation Technique Scores T1114.002 Remote Email Collection
ME-CAE-E3 Conditional Access Evaluation Technique Scores T1586.003 Cloud Accounts
ME-CAE-E3 Conditional Access Evaluation Technique Scores T1586.002 Email Accounts
ME-CAE-E3 Conditional Access Evaluation Technique Scores T1586 Compromise Accounts
ME-CAE-E3 Conditional Access Evaluation Technique Scores T1531 Account Access Removal
ME-CAE-E3 Conditional Access Evaluation Technique Scores T1586.003 Cloud Accounts
ME-CAE-E3 Conditional Access Evaluation Technique Scores T1078 Valid Accounts
ME-CAE-E3 Conditional Access Evaluation Technique Scores T1539 Steal Web Session Cookie
ME-CA-E5 Conditional Access Technique Scores T1059.009 Cloud API
ME-CA-E5 Conditional Access Technique Scores T1078 Valid Accounts
ME-CA-E5 Conditional Access Technique Scores T1586.003 Cloud Accounts
ME-CA-E5 Conditional Access Technique Scores T1621 Multi-Factor Authentication Request Generation
ME-CA-E5 Conditional Access Technique Scores T1110.004 Credential Stuffing
ME-CA-E5 Conditional Access Technique Scores T1110.003 Password Spraying
ME-CA-E5 Conditional Access Technique Scores T1110.002 Password Cracking
ME-CA-E5 Conditional Access Technique Scores T1110.001 Password Guessing
ME-CA-E5 Conditional Access Technique Scores T1110 Brute Force

Capabilities

Capability ID Capability Name Number of Mappings
ME-CAE-E3 Conditional Access Evaluation 19
ME-PP-E3 Password Protection 5
ME-IP-E5 Identity Protection 13
ME-MFA-E3 Multi-factor Authentication 16
ME-PWP-E3 Password Policy 7
ME-PWA-E3 Passwordless Authentication 12
ME-PIM-E5 Privileged Identity Management 13
ME-CA-E5 Conditional Access 9
ME-RBAC-E3 Role Based Access Control 28