| Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|---|
| EOP-APH-E3 | Anti-Phishing | protect | partial | T1027.013 | Encrypted/Encoded File |
Comments
Exchange Online Protection's anti-phishing methods can protect against encrypted malicious files by scanning attachments and potentially quarantining them. Due to this being only one avenue, the rating is judged to be partial.
References
|
| EOP-APH-E3 | Anti-Phishing | protect | significant | T1566 | Phishing |
Comments
Policies to configure anti-phishing protection settings are available in Microsoft 365 organizations with Exchange Online mailboxes, standalone Exchange Online Protection (EOP) organizations without Exchange Online mailboxes, and Microsoft Defender for Office 365 organizations. The features provided with Anti-phishing policies in Defender for Office 365 are: Automatically creating default policies, creating custom policies, common policy settings, spoof settings, first contact safety tips, impersonation settings, and advanced phishing thresholds.
Microsoft 365's Anti-Phishing protection protects from Phishing attacks due to it's custom policy feature where users can create policies to determine if certain websites used for phishing are necessary for business operations and can block access if activity cannot be monitored well or if it poses a significant risk.
License Requirements:
Microsoft Exchange Online Protection, Defender for Office 365 plan 1 and plan 2, Microsoft XDR
References
|
| EOP-APH-E3 | Anti-Phishing | protect | significant | T1566.001 | Spearphishing Attachment |
Comments
Policies to configure anti-phishing protection settings are available in Microsoft 365 organizations with Exchange Online mailboxes, standalone Exchange Online Protection (EOP) organizations without Exchange Online mailboxes, and Microsoft Defender for Office 365 organizations. The features provided with Anti-phishing policies in Defender for Office 365 are: Automatically creating default policies, creating custom policies, common policy settings, spoof settings, first contact safety tips, impersonation settings, and advanced phishing thresholds.
Microsoft 365's Anti-Phishing protection protects from Phishing attacks due to it's custom policy feature where users can create policies to determine if certain websites used for phishing are necessary for business operations and can block access if activity cannot be monitored well or if it poses a significant risk.
License Requirements:
Microsoft Exchange Online Protection, Defender for Office 365 plan 1 and plan 2, Microsoft XDR
References
|
| EOP-APH-E3 | Anti-Phishing | protect | significant | T1566.002 | Spearphishing Link |
Comments
Policies to configure anti-phishing protection settings are available in Microsoft 365 organizations with Exchange Online mailboxes, standalone Exchange Online Protection (EOP) organizations without Exchange Online mailboxes, and Microsoft Defender for Office 365 organizations. The features provided with Anti-phishing policies in Defender for Office 365 are: Automatically creating default policies, creating custom policies, common policy settings, spoof settings, first contact safety tips, impersonation settings, and advanced phishing thresholds.
Microsoft 365's Anti-Phishing protection protects from Phishing attacks due to it's custom policy feature where users can create policies to determine if certain websites used for phishing are necessary for business operations and can block access if activity cannot be monitored well or if it poses a significant risk.
License Requirements:
Microsoft Exchange Online Protection, Defender for Office 365 plan 1 and plan 2, Microsoft XDR
References
|
| EOP-APH-E3 | Anti-Phishing | protect | significant | T1656 | Impersonation |
Comments
Policies to configure anti-phishing protection settings are available in Microsoft 365 organizations with Exchange Online mailboxes, standalone Exchange Online Protection (EOP) organizations without Exchange Online mailboxes, and Microsoft Defender for Office 365 organizations. The features provided with Anti-phishing policies in Defender for Office 365 are: Automatically creating default policies, creating custom policies, common policy settings, spoof settings, first contact safety tips, impersonation settings, and advanced phishing thresholds.
Microsoft 365's Anti-Phishing protection protects from Phishing attacks due to it's custom policy feature where users can create policies to determine if certain websites used for phishing are necessary for business operations and can block access if activity cannot be monitored well or if it poses a significant risk.
License Requirements:
Microsoft Exchange Online Protection, Defender for Office 365 plan 1 and plan 2, Microsoft XDR
References
|