Debunking Microsoft 365 & Identity Myths
ATT&CK techniques detected
T1556.006Multi-Factor Authentication
90%
“enforce strong mfa, and more. but here ’ s the catch : you still have to configure it. we ’ ve found that 24 % of p1 license holders and 9 % of p2 license holders don ’ t configure conditional access policies. and misconfigurations are more common than you ' d think. one misplace…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1078.004Cloud Accounts
89%
“debunking microsoft 365 & identity myths when it comes to identity security in microsoft 365, the forecast is often cloudy, especially when some vendors lean into half - truths or conveniently cropped facts to market their products. but let ’ s clear the air. here at huntress, we…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1098.002Additional Email Delegate Permissions
72%
“escalations to suspicious inbox rules and mailbox permission updates. in fact, while login events help us spot the early stages of compromise — such as adversary - in - the - middle ( aitm ) attacks or session hijacking — mailbox events often give you the downstream context, like…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
Don’t fall for common Microsoft 365 identity security myths. Here, Huntress debunks misconceptions around logins, MFA, Conditional Access, Impossible Travel, and security tuning.