M365-DEF-ZAP-E3 |
Zero Hour Auto Purge |
Technique Scores |
T1204.001 |
Malicious Link |
M365-DEF-ZAP-E3 |
Zero Hour Auto Purge |
Technique Scores |
T1204.002 |
Malicious File |
M365-DEF-ZAP-E3 |
Zero Hour Auto Purge |
Technique Scores |
T1204 |
User Execution |
M365-DEF-ZAP-E3 |
Zero Hour Auto Purge |
Technique Scores |
T1080 |
Taint Shared Content |
M365-DEF-ZAP-E3 |
Zero Hour Auto Purge |
Technique Scores |
T1027 |
Obfuscated Files or Information |
M365-DEF-ZAP-E3 |
Zero Hour Auto Purge |
Technique Scores |
T1036 |
Masquerading |
M365-DEF-ZAP-E3 |
Zero Hour Auto Purge |
Technique Scores |
T1059.006 |
Python |
M365-DEF-ZAP-E3 |
Zero Hour Auto Purge |
Technique Scores |
T1059.009 |
Cloud API |
M365-DEF-ZAP-E3 |
Zero Hour Auto Purge |
Technique Scores |
T1059.001 |
PowerShell |
M365-DEF-ZAP-E3 |
Zero Hour Auto Purge |
Technique Scores |
T1059 |
Command and Scripting Interpreter |
M365-DEF-ZAP-E3 |
Zero Hour Auto Purge |
Technique Scores |
T1656 |
Impersonation |
M365-DEF-ZAP-E3 |
Zero Hour Auto Purge |
Technique Scores |
T1534 |
Internal Spearphishing |
M365-DEF-ZAP-E3 |
Zero Hour Auto Purge |
Technique Scores |
T1566.002 |
Spearphishing Link |
M365-DEF-ZAP-E3 |
Zero Hour Auto Purge |
Technique Scores |
T1566.001 |
Spearphishing Attachment |
M365-DEF-ZAP-E3 |
Zero Hour Auto Purge |
Technique Scores |
T1566 |
Phishing |
DO365-TT-E5 |
Threat Tracker |
Technique Scores |
T1566.001 |
Spearphishing Attachment |
DO365-TT-E5 |
Threat Tracker |
Technique Scores |
T1566 |
Phishing |
DO365-TPSR-E3 |
Threat Protection Status Report |
Technique Scores |
T1566 |
Phishing |
DO365-TPSR-E3 |
Threat Protection Status Report |
Technique Scores |
T1566.001 |
Spearphishing Attachment |
DO365-TPSR-E3 |
Threat Protection Status Report |
Technique Scores |
T1566.002 |
Spearphishing Link |
DO365-TPSR-E3 |
Threat Protection Status Report |
Technique Scores |
T1534 |
Internal Spearphishing |
DO365-TPSR-E3 |
Threat Protection Status Report |
Technique Scores |
T1656 |
Impersonation |
DO365-TPSR-E3 |
Threat Protection Status Report |
Technique Scores |
T1189 |
Drive-by Compromise |
DO365-TE-E5 |
Threat Explorer |
Technique Scores |
T1656 |
Impersonation |
DO365-TE-E5 |
Threat Explorer |
Technique Scores |
T1189 |
Drive-by Compromise |
DO365-TE-E5 |
Threat Explorer |
Technique Scores |
T1566 |
Phishing |
DO365-TE-E5 |
Threat Explorer |
Technique Scores |
T1566.002 |
Spearphishing Link |
DO365-TE-E5 |
Threat Explorer |
Technique Scores |
T1566.001 |
Spearphishing Attachment |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1137 |
Office Application Startup |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1072 |
Software Deployment Tools |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1550 |
Use Alternate Authentication Material |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1530 |
Data from Cloud Storage |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1213 |
Data from Information Repositories |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1213.002 |
Sharepoint |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1078.001 |
Default Accounts |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1656 |
Impersonation |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1021 |
Remote Services |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1566.001 |
Spearphishing Attachment |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1566.002 |
Spearphishing Link |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1566 |
Phishing |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1080 |
Taint Shared Content |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1546 |
Event Triggered Execution |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1204.001 |
Malicious Link |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1204.002 |
Malicious File |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1204 |
User Execution |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1189 |
Drive-by Compromise |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1114.002 |
Remote Email Collection |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1114.003 |
Email Forwarding Rule |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1114 |
Email Collection |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1059.009 |
Cloud API |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1021.007 |
Cloud Services |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1136 |
Create Account |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1136.003 |
Cloud Account |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1548 |
Abuse Elevation Control Mechanism |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1651 |
Cloud Administration Command |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1606 |
Forge Web Credentials |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1564 |
Hide Artifacts |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1657 |
Financial Theft |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1567.004 |
Exfiltration Over Webhook |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1564.008 |
Email Hiding Rules |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1110.004 |
Credential Stuffing |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1110.003 |
Password Spraying |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1110.002 |
Password Cracking |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1110.001 |
Password Guessing |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1110 |
Brute Force |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1211 |
Exploitation for Defense Evasion |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1562.008 |
Disable or Modify Cloud Logs |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1562 |
Impair Defenses |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1534 |
Internal Spearphishing |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1078 |
Valid Accounts |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1078.004 |
Cloud Accounts |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1550 |
Use Alternate Authentication Material |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1550.001 |
Application Access Token |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1114.002 |
Remote Email Collection |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1114.003 |
Email Forwarding Rule |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1567.002 |
Exfiltration to Cloud Storage |
DEF-SecScore-E3 |
Secure Score |
Technique Scores |
T1567 |
Exfiltration Over Web Service |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1011 |
Exfiltration Over Other Network Medium |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1550.002 |
Pass the Hash |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1557.001 |
LLMNR/NBT-NS Poisoning and SMB Relay |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1550 |
Use Alternate Authentication Material |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1557 |
Adversary-in-the-Middle |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1606 |
Forge Web Credentials |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1187 |
Forced Authentication |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1552.004 |
Private Keys |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1003.006 |
DCSync |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1003 |
OS Credential Dumping |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1134.001 |
Token Impersonation/Theft |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1134 |
Access Token Manipulation |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1558.004 |
AS-REP Roasting |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1558.003 |
Kerberoasting |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1555 |
Credentials from Password Stores |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1558.001 |
Golden Ticket |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1110.003 |
Password Spraying |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1110.001 |
Password Guessing |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1110 |
Brute Force |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1484.001 |
Group Policy Modification |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1078 |
Valid Accounts |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1484 |
Domain Policy Modification |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1134.005 |
SID-History Injection |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1134 |
Access Token Manipulation |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1484 |
Domain Policy Modification |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1098 |
Account Manipulation |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1556.001 |
Domain Controller Authentication |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1556 |
Modify Authentication Process |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1210 |
Exploitation of Remote Services |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1068 |
Exploitation for Privilege Escalation |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1558.001 |
Golden Ticket |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1558 |
Steal or Forge Kerberos Tickets |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1134.001 |
Token Impersonation/Theft |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1202 |
Indirect Command Execution |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1069.002 |
Domain Groups |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1069 |
Permission Groups Discovery |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1049 |
System Network Connections Discovery |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1018 |
Remote System Discovery |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1046 |
Network Service Discovery |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1087 |
Account Discovery |
DEF-SECA-E3 |
Security Alerts |
Technique Scores |
T1087.002 |
Domain Account |
DO365-SL-E3 |
Safe Links |
Technique Scores |
T1204 |
User Execution |
DO365-SL-E3 |
Safe Links |
Technique Scores |
T1204.001 |
Malicious Link |
DO365-SL-E3 |
Safe Links |
Technique Scores |
T1566 |
Phishing |
DO365-SL-E3 |
Safe Links |
Technique Scores |
T1566.002 |
Spearphishing Link |
DO365-SL-E3 |
Safe Links |
Technique Scores |
T1534 |
Internal Spearphishing |
DEF-SA-E3 |
Safe Attachments |
Technique Scores |
T1566 |
Phishing |
DEF-SA-E3 |
Safe Attachments |
Technique Scores |
T1598 |
Phishing for Information |
DEF-SA-E3 |
Safe Attachments |
Technique Scores |
T1204 |
User Execution |
DEF-SA-E3 |
Safe Attachments |
Technique Scores |
T1204.002 |
Malicious File |
DEF-SA-E3 |
Safe Attachments |
Technique Scores |
T1598.002 |
Spearphishing Attachment |
DEF-SA-E3 |
Safe Attachments |
Technique Scores |
T1566.001 |
Spearphishing Attachment |
DEF-SA-E3 |
Safe Attachments |
Technique Scores |
T1566.001 |
Spearphishing Attachment |
DEF-SA-E3 |
Safe Attachments |
Technique Scores |
T1566 |
Phishing |
DEF-SA-E3 |
Safe Attachments |
Technique Scores |
T1598.002 |
Spearphishing Attachment |
DEF-SA-E3 |
Safe Attachments |
Technique Scores |
T1598 |
Phishing for Information |
DEF-SA-E3 |
Safe Attachments |
Technique Scores |
T1204.002 |
Malicious File |
DEF-SA-E3 |
Safe Attachments |
Technique Scores |
T1204 |
User Execution |
DEF-Quarantine-E3 |
Quarantine Policies |
Technique Scores |
T1213 |
Data from Information Repositories |
DEF-Quarantine-E3 |
Quarantine Policies |
Technique Scores |
T1213.002 |
Sharepoint |
DEF-Quarantine-E3 |
Quarantine Policies |
Technique Scores |
T1530 |
Data from Cloud Storage |
DEF-Quarantine-E3 |
Quarantine Policies |
Technique Scores |
T1204.001 |
Malicious Link |
DEF-Quarantine-E3 |
Quarantine Policies |
Technique Scores |
T1204.002 |
Malicious File |
DEF-Quarantine-E3 |
Quarantine Policies |
Technique Scores |
T1204 |
User Execution |
DEF-Quarantine-E3 |
Quarantine Policies |
Technique Scores |
T1080 |
Taint Shared Content |
DEF-Quarantine-E3 |
Quarantine Policies |
Technique Scores |
T1027 |
Obfuscated Files or Information |
DEF-Quarantine-E3 |
Quarantine Policies |
Technique Scores |
T1036 |
Masquerading |
DEF-Quarantine-E3 |
Quarantine Policies |
Technique Scores |
T1656 |
Impersonation |
DEF-Quarantine-E3 |
Quarantine Policies |
Technique Scores |
T1534 |
Internal Spearphishing |
DEF-Quarantine-E3 |
Quarantine Policies |
Technique Scores |
T1566.002 |
Spearphishing Link |
DEF-Quarantine-E3 |
Quarantine Policies |
Technique Scores |
T1566 |
Phishing |
DEF-Quarantine-E3 |
Quarantine Policies |
Technique Scores |
T1566.001 |
Spearphishing Attachment |
DO365-PSP-E3 |
Preset Security Policies |
Technique Scores |
T1534 |
Internal Spearphishing |
DO365-PSP-E3 |
Preset Security Policies |
Technique Scores |
T1656 |
Impersonation |
DO365-PSP-E3 |
Preset Security Policies |
Technique Scores |
T1189 |
Drive-by Compromise |
DO365-PSP-E3 |
Preset Security Policies |
Technique Scores |
T1566 |
Phishing |
DO365-PSP-E3 |
Preset Security Policies |
Technique Scores |
T1566.002 |
Spearphishing Link |
DO365-PSP-E3 |
Preset Security Policies |
Technique Scores |
T1566.001 |
Spearphishing Attachment |
DO365-PSP-E3 |
Preset Security Policies |
Technique Scores |
T1204 |
User Execution |
DO365-PSP-E3 |
Preset Security Policies |
Technique Scores |
T1204.001 |
Malicious Link |
DEF-LM-E5 |
Lateral Movements |
Technique Scores |
T1078.004 |
Cloud Accounts |
DEF-LM-E5 |
Lateral Movements |
Technique Scores |
T1098.003 |
Additional Cloud Roles |
DEF-LM-E5 |
Lateral Movements |
Technique Scores |
T1098 |
Account Manipulation |
DEF-LM-E5 |
Lateral Movements |
Technique Scores |
T1213.002 |
Sharepoint |
DEF-LM-E5 |
Lateral Movements |
Technique Scores |
T1530 |
Data from Cloud Storage |
DEF-LM-E5 |
Lateral Movements |
Technique Scores |
T1110.004 |
Credential Stuffing |
DEF-LM-E5 |
Lateral Movements |
Technique Scores |
T1110.002 |
Password Cracking |
DEF-LM-E5 |
Lateral Movements |
Technique Scores |
T1110.003 |
Password Spraying |
DEF-LM-E5 |
Lateral Movements |
Technique Scores |
T1110.001 |
Password Guessing |
DEF-LM-E5 |
Lateral Movements |
Technique Scores |
T1110 |
Brute Force |
DEF-LM-E5 |
Lateral Movements |
Technique Scores |
T1550.002 |
Pass the Hash |
DEF-LM-E5 |
Lateral Movements |
Technique Scores |
T1550.003 |
Pass the Ticket |
DEF-LM-E5 |
Lateral Movements |
Technique Scores |
T1550 |
Use Alternate Authentication Material |
DEF-LM-E5 |
Lateral Movements |
Technique Scores |
T1068 |
Exploitation for Privilege Escalation |
DEF-LM-E5 |
Lateral Movements |
Technique Scores |
T1210 |
Exploitation of Remote Services |
DEF-LM-E5 |
Lateral Movements |
Technique Scores |
T1078 |
Valid Accounts |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1098 |
Account Manipulation |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1098.001 |
Additional Cloud Credentials |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1098.002 |
Additional Email Delegate Permissions |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1098.003 |
Additional Cloud Roles |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1531 |
Account Access Removal |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1110 |
Brute Force |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1110.001 |
Password Guessing |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1110.002 |
Password Cracking |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1110.003 |
Password Spraying |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1110.004 |
Credential Stuffing |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1136 |
Create Account |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1136.003 |
Cloud Account |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1538 |
Cloud Service Dashboard |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1059 |
Command and Scripting Interpreter |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1059.009 |
Cloud API |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1530 |
Data from Cloud Storage |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1213 |
Data from Information Repositories |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1213.002 |
Sharepoint |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1606 |
Forge Web Credentials |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1606.002 |
SAML Tokens |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1564 |
Hide Artifacts |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1564.008 |
Email Hiding Rules |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1562 |
Impair Defenses |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1562.008 |
Disable or Modify Cloud Logs |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1556 |
Modify Authentication Process |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1556.006 |
Multi-Factor Authentication |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1621 |
Multi-Factor Authentication Request Generation |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1566 |
Phishing |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1598.003 |
Spearphishing Link |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1598.004 |
Spearphishing Voice |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1552 |
Unsecured Credentials |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1552.008 |
Chat Messages |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1550 |
Use Alternate Authentication Material |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1550.001 |
Application Access Token |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1550.004 |
Web Session Cookie |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1078 |
Valid Accounts |
DEF-IR-E5 |
Incident Response |
Technique Scores |
T1087.004 |
Cloud Account |
DEF-SIM-E5 |
ATT&CK Simulation Training |
Technique Scores |
T1550 |
Use Alternate Authentication Material |
DEF-SIM-E5 |
ATT&CK Simulation Training |
Technique Scores |
T1550 |
Use Alternate Authentication Material |
DEF-SIM-E5 |
ATT&CK Simulation Training |
Technique Scores |
T1539 |
Steal Web Session Cookie |
DEF-SIM-E5 |
ATT&CK Simulation Training |
Technique Scores |
T1539 |
Steal Web Session Cookie |
DEF-SIM-E5 |
ATT&CK Simulation Training |
Technique Scores |
T1528 |
Steal Application Access Token |
DEF-SIM-E5 |
ATT&CK Simulation Training |
Technique Scores |
T1528 |
Steal Application Access Token |
DEF-SIM-E5 |
ATT&CK Simulation Training |
Technique Scores |
T1204.001 |
Malicious Link |
DEF-SIM-E5 |
ATT&CK Simulation Training |
Technique Scores |
T1189 |
Drive-by Compromise |
DEF-SIM-E5 |
ATT&CK Simulation Training |
Technique Scores |
T1566.002 |
Spearphishing Link |
DEF-SIM-E5 |
ATT&CK Simulation Training |
Technique Scores |
T1598 |
Phishing for Information |
DEF-SIM-E5 |
ATT&CK Simulation Training |
Technique Scores |
T1566.001 |
Spearphishing Attachment |
DEF-SIM-E5 |
ATT&CK Simulation Training |
Technique Scores |
T1566 |
Phishing |
DEF-SIM-E5 |
ATT&CK Simulation Training |
Technique Scores |
T1204.002 |
Malicious File |
DEF-SIM-E5 |
ATT&CK Simulation Training |
Technique Scores |
T1204 |
User Execution |
DEF-SIM-E5 |
ATT&CK Simulation Training |
Technique Scores |
T1204 |
User Execution |
DEF-SIM-E5 |
ATT&CK Simulation Training |
Technique Scores |
T1204.002 |
Malicious File |
DEF-SIM-E5 |
ATT&CK Simulation Training |
Technique Scores |
T1566 |
Phishing |
DEF-SIM-E5 |
ATT&CK Simulation Training |
Technique Scores |
T1566.001 |
Spearphishing Attachment |
DEF-SIM-E5 |
ATT&CK Simulation Training |
Technique Scores |
T1598.002 |
Spearphishing Attachment |
DEF-SIM-E5 |
ATT&CK Simulation Training |
Technique Scores |
T1598 |
Phishing for Information |
DEF-SIM-E5 |
ATT&CK Simulation Training |
Technique Scores |
T1204.001 |
Malicious Link |
DEF-SIM-E5 |
ATT&CK Simulation Training |
Technique Scores |
T1189 |
Drive-by Compromise |
DEF-SIM-E5 |
ATT&CK Simulation Training |
Technique Scores |
T1566.002 |
Spearphishing Link |
DO365-AG-E5 |
App Governance |
Technique Scores |
T1548 |
Abuse Elevation Control Mechanism |
DO365-AG-E5 |
App Governance |
Technique Scores |
T1087 |
Account Discovery |
DO365-AG-E5 |
App Governance |
Technique Scores |
T1087.004 |
Cloud Account |
DO365-AG-E5 |
App Governance |
Technique Scores |
T1110 |
Brute Force |
DO365-AG-E5 |
App Governance |
Technique Scores |
T1110.001 |
Password Guessing |
DO365-AG-E5 |
App Governance |
Technique Scores |
T1110.002 |
Password Cracking |
DO365-AG-E5 |
App Governance |
Technique Scores |
T1110.003 |
Password Spraying |
DO365-AG-E5 |
App Governance |
Technique Scores |
T1110.004 |
Credential Stuffing |
DO365-AG-E5 |
App Governance |
Technique Scores |
T1538 |
Cloud Service Dashboard |
DO365-AG-E5 |
App Governance |
Technique Scores |
T1606 |
Forge Web Credentials |
DO365-AG-E5 |
App Governance |
Technique Scores |
T1606.002 |
SAML Tokens |
DO365-AG-E5 |
App Governance |
Technique Scores |
T1562 |
Impair Defenses |
DO365-AG-E5 |
App Governance |
Technique Scores |
T1562.008 |
Disable or Modify Cloud Logs |
DO365-AG-E5 |
App Governance |
Technique Scores |
T1556 |
Modify Authentication Process |
DO365-AG-E5 |
App Governance |
Technique Scores |
T1556.006 |
Multi-Factor Authentication |
DO365-AG-E5 |
App Governance |
Technique Scores |
T1621 |
Multi-Factor Authentication Request Generation |
DO365-AG-E5 |
App Governance |
Technique Scores |
T1566 |
Phishing |
DO365-AG-E5 |
App Governance |
Technique Scores |
T1528 |
Steal Application Access Token |
DO365-AG-E5 |
App Governance |
Technique Scores |
T1199 |
Trusted Relationship |
DO365-AG-E5 |
App Governance |
Technique Scores |
T1078 |
Valid Accounts |
DO365-AG-E5 |
App Governance |
Technique Scores |
T1078.004 |
Cloud Accounts |
DO365-AS-E3 |
Anti-Spoofing |
Technique Scores |
T1566 |
Phishing |
DO365-AS-E3 |
Anti-Spoofing |
Technique Scores |
T1566.002 |
Spearphishing Link |
DO365-AS-E3 |
Anti-Spoofing |
Technique Scores |
T1656 |
Impersonation |
DO365-AS-E3 |
Anti-Spoofing |
Technique Scores |
T1534 |
Internal Spearphishing |
DEF-AIR-E5 |
Automated Investigation and Response |
Technique Scores |
T1137 |
Office Application Startup |
DEF-AIR-E5 |
Automated Investigation and Response |
Technique Scores |
T1048 |
Exfiltration Over Alternative Protocol |
DEF-AIR-E5 |
Automated Investigation and Response |
Technique Scores |
T1567 |
Exfiltration Over Web Service |
DEF-AIR-E5 |
Automated Investigation and Response |
Technique Scores |
T1564.008 |
Email Hiding Rules |
DEF-AIR-E5 |
Automated Investigation and Response |
Technique Scores |
T1114 |
Email Collection |
DEF-AIR-E5 |
Automated Investigation and Response |
Technique Scores |
T1114.003 |
Email Forwarding Rule |
DEF-AIR-E5 |
Automated Investigation and Response |
Technique Scores |
T1550 |
Use Alternate Authentication Material |
DEF-AIR-E5 |
Automated Investigation and Response |
Technique Scores |
T1204.002 |
Malicious File |
DEF-AIR-E5 |
Automated Investigation and Response |
Technique Scores |
T1204.001 |
Malicious Link |
DEF-AIR-E5 |
Automated Investigation and Response |
Technique Scores |
T1078.004 |
Cloud Accounts |
DEF-AIR-E5 |
Automated Investigation and Response |
Technique Scores |
T1078 |
Valid Accounts |
DEF-AIR-E5 |
Automated Investigation and Response |
Technique Scores |
T1534 |
Internal Spearphishing |
DEF-AIR-E5 |
Automated Investigation and Response |
Technique Scores |
T1656 |
Impersonation |
DEF-AIR-E5 |
Automated Investigation and Response |
Technique Scores |
T1566.001 |
Spearphishing Attachment |
DEF-AIR-E5 |
Automated Investigation and Response |
Technique Scores |
T1566.002 |
Spearphishing Link |
DEF-AIR-E5 |
Automated Investigation and Response |
Technique Scores |
T1566 |
Phishing |
DEF-AIR-E5 |
Automated Investigation and Response |
Technique Scores |
T1189 |
Drive-by Compromise |
DO365-ATH-E5 |
Advanced Threat Hunting |
Technique Scores |
T1087 |
Account Discovery |
DO365-ATH-E5 |
Advanced Threat Hunting |
Technique Scores |
T1087.004 |
Cloud Account |
DO365-ATH-E5 |
Advanced Threat Hunting |
Technique Scores |
T1110 |
Brute Force |
DO365-ATH-E5 |
Advanced Threat Hunting |
Technique Scores |
T1110.001 |
Password Guessing |
DO365-ATH-E5 |
Advanced Threat Hunting |
Technique Scores |
T1110.002 |
Password Cracking |
DO365-ATH-E5 |
Advanced Threat Hunting |
Technique Scores |
T1110.003 |
Password Spraying |
DO365-ATH-E5 |
Advanced Threat Hunting |
Technique Scores |
T1110.004 |
Credential Stuffing |
DO365-ATH-E5 |
Advanced Threat Hunting |
Technique Scores |
T1538 |
Cloud Service Dashboard |
DO365-ATH-E5 |
Advanced Threat Hunting |
Technique Scores |
T1189 |
Drive-by Compromise |
DO365-ATH-E5 |
Advanced Threat Hunting |
Technique Scores |
T1114 |
Email Collection |
DO365-ATH-E5 |
Advanced Threat Hunting |
Technique Scores |
T1114.002 |
Remote Email Collection |
DO365-ATH-E5 |
Advanced Threat Hunting |
Technique Scores |
T1546 |
Event Triggered Execution |
DO365-ATH-E5 |
Advanced Threat Hunting |
Technique Scores |
T1567 |
Exfiltration Over Web Service |
DO365-ATH-E5 |
Advanced Threat Hunting |
Technique Scores |
T1567.004 |
Exfiltration Over Webhook |
DO365-ATH-E5 |
Advanced Threat Hunting |
Technique Scores |
T1048 |
Exfiltration Over Alternative Protocol |
DO365-ATH-E5 |
Advanced Threat Hunting |
Technique Scores |
T1606 |
Forge Web Credentials |
DO365-ATH-E5 |
Advanced Threat Hunting |
Technique Scores |
T1562 |
Impair Defenses |
DO365-ATH-E5 |
Advanced Threat Hunting |
Technique Scores |
T1562.008 |
Disable or Modify Cloud Logs |
DO365-ATH-E5 |
Advanced Threat Hunting |
Technique Scores |
T1534 |
Internal Spearphishing |
DO365-ATH-E5 |
Advanced Threat Hunting |
Technique Scores |
T1556 |
Modify Authentication Process |
DO365-ATH-E5 |
Advanced Threat Hunting |
Technique Scores |
T1556.006 |
Multi-Factor Authentication |
DO365-ATH-E5 |
Advanced Threat Hunting |
Technique Scores |
T1621 |
Multi-Factor Authentication Request Generation |
DO365-ATH-E5 |
Advanced Threat Hunting |
Technique Scores |
T1566 |
Phishing |
DO365-ATH-E5 |
Advanced Threat Hunting |
Technique Scores |
T1566.002 |
Spearphishing Link |
DO365-ATH-E5 |
Advanced Threat Hunting |
Technique Scores |
T1199 |
Trusted Relationship |
DO365-ATH-E5 |
Advanced Threat Hunting |
Technique Scores |
T1552 |
Unsecured Credentials |
DO365-ATH-E5 |
Advanced Threat Hunting |
Technique Scores |
T1078 |
Valid Accounts |
DO365-ATH-E5 |
Advanced Threat Hunting |
Technique Scores |
T1078.004 |
Cloud Accounts |
DO365-AAP-E5 |
Advanced Anti-phishing |
Technique Scores |
T1656 |
Impersonation |
DO365-AAP-E5 |
Advanced Anti-phishing |
Technique Scores |
T1656 |
Impersonation |
DO365-AAP-E5 |
Advanced Anti-phishing |
Technique Scores |
T1656 |
Impersonation |
DO365-AAP-E5 |
Advanced Anti-phishing |
Technique Scores |
T1534 |
Internal Spearphishing |
DO365-AAP-E5 |
Advanced Anti-phishing |
Technique Scores |
T1534 |
Internal Spearphishing |
DO365-AAP-E5 |
Advanced Anti-phishing |
Technique Scores |
T1566.002 |
Spearphishing Link |
DO365-AAP-E5 |
Advanced Anti-phishing |
Technique Scores |
T1566.002 |
Spearphishing Link |
DO365-AAP-E5 |
Advanced Anti-phishing |
Technique Scores |
T1566.002 |
Spearphishing Link |
DO365-AAP-E5 |
Advanced Anti-phishing |
Technique Scores |
T1566.001 |
Spearphishing Attachment |
DO365-AAP-E5 |
Advanced Anti-phishing |
Technique Scores |
T1566.001 |
Spearphishing Attachment |
DO365-AAP-E5 |
Advanced Anti-phishing |
Technique Scores |
T1566.001 |
Spearphishing Attachment |
DO365-AAP-E5 |
Advanced Anti-phishing |
Technique Scores |
T1566 |
Phishing |
DO365-AAP-E5 |
Advanced Anti-phishing |
Technique Scores |
T1566 |
Phishing |
DO365-AAP-E5 |
Advanced Anti-phishing |
Technique Scores |
T1566 |
Phishing |