Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add MITRE ATT&CK TTP Mappings to M365 SCBs #937

Open
9 tasks done
ahuynhMITRE opened this issue Feb 26, 2024 · 3 comments 路 May be fixed by #1106
Open
9 tasks done

Add MITRE ATT&CK TTP Mappings to M365 SCBs #937

ahuynhMITRE opened this issue Feb 26, 2024 · 3 comments 路 May be fixed by #1106
Assignees
@ahuynhMITRE
Labels
baseline-document Issues relating to the text in the baseline documents themselves
Milestone
Iceberg

Comments

@ahuynhMITRE
Copy link
Collaborator

ahuynhMITRE commented Feb 26, 2024
edited

馃挕 Summary

Adding MITRE ATT&CK TTP Mapping to each baseline policy matching the formatting done in GWS's SCBs.

Motivation and context

The alignment of the M365 SCB policies to their MITRE ATT&CK TTP mappings will allow the user of the SCBs to better understand the impact, specific threat models, and methodologies that are identified with our policies.

The format of the mappings will also mirror the format of the GWS SCBs to ensure consistency between the two products.

Implementation notes

Acceptance criteria

How do we know when this work is done?

  • MITRE ATT&CK TTP mappings are added to the following SCBs
    • AAD
    • Defender
    • EXO
    • SharePoint
    • Teams
    • PowerBI
    • PowerPlatform
  • All mappings reflect the formatting found in the markdown style guide
@ahuynhMITRE ahuynhMITRE added the baseline-document Issues relating to the text in the baseline documents themselves label Feb 26, 2024
@ahuynhMITRE ahuynhMITRE added this to the Glacier milestone Feb 26, 2024
@ahuynhMITRE ahuynhMITRE self-assigned this Feb 26, 2024
@ahuynhMITRE ahuynhMITRE changed the title Add MITRE ATT&CK TTP Mappings to current baselines Add MITRE ATT&CK TTP Mappings to M365 SCBs Feb 26, 2024
@ahuynhMITRE
Copy link
Collaborator Author

moved to blocked due to the mappings still being in draft

@schrolla
Copy link
Collaborator

@ahuynhMITRE Are mappings still in draft form? If not, can this work be unblocked? Regardless, with little time left in the sprint, do we want to push this to the next sprint/release?

@ahuynhMITRE ahuynhMITRE modified the milestones: Glacier, Halibut Mar 20, 2024
@schrolla schrolla mentioned this issue Apr 15, 2024
Open
4 tasks
@schrolla
Copy link
Collaborator

schrolla commented May 1, 2024

Be sure to include mappings in updated Word doc for review as well.

@ahuynhMITRE ahuynhMITRE linked a pull request May 18, 2024 that will close this issue
Add MITRE ATT&CK Mappings to current SCBs #1106
Open
20 tasks
@schrolla schrolla linked a pull request May 23, 2024 that will close this issue
Open
20 tasks
@ahuynhMITRE ahuynhMITRE modified the milestones: Halibut, Iceberg Jun 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ahuynhMITRE ahuynhMITRE

Labels
baseline-document Issues relating to the text in the baseline documents themselves
Projects
None yet
Milestone
Iceberg
Development

Successfully merging a pull request may close this issue.

Add MITRE ATT&CK Mappings to current SCBs cisagov/ScubaGear
2 participants
@schrolla @ahuynhMITRE