| CHECK | BOUNCER | FIXER |
| Login protection |
| CHK-1110 - Login Authenticity Seal | ✅ | ✅ |
| CHK-1111 - Log Monitoring | ✅ | ✅ |
| RULE-1157 - Click on phishing link | ✅ | ✅ |
| RULE-1158 - Visits to phishing sites | ✅ | ✅ |
| CHK-1103 - Clone intervention screen | ✅ | ✅ |
| RULE-1151 - Suspicious login (cloud provider) | ✅ | ✅ |
| RULE-1154 - Suspicious login (threat intelligence) | ✅ | ✅ |
| CHK-1158 - Microsoft365 Portal Clone Detected | ✅ | ✅ |
| RULE-1155 - Suspicious login (empty user agent) | ✅ | ✅ |
| RULE-1156 - Suspicious login (pattern) | ✅ | ✅ |
| CHK-1112 - Attic Monthly report | ✅ | ✅ |
| CHK-1109 - Clone Detection | ✅ | ✅ |
| CHK-1600 - Authenticity Seal Validator App | | ✅ |
| CHK-1820 - Attic AITM Blocker installed | | ✅ |
| Phishing |
| CHK-1063 - Anti-phishing policy | | ✅ |
| CHK-1048 - Outlooks Mailtips | | ✅ |
| CHK-1049 - Safe Links | | ✅ |
| CHK-1023 - Labels for external mail | | ✅ |
| CHK-1058 - Anti-phishing mailtips | | ✅ |
| Malware |
| CHK-1521 - Microsoft 365 Defender | | ✅ |
| CHK-1064 Outlook Add-ins | | ✅ |
| CHK-1020 - Attachments file filter | | ✅ |
| CHK-1062 Safe Attachments | | ✅ |
| Logging | | |
| CHK-1003 - Mailbox auditing | | ✅ |
| CHK-1001 - Audit logging works | | ✅ |
| CHK-1002 - Microsoft 365 Auditlogs | | ✅ |
| CHK-1055 - Mailbox auditing bypass | | ✅ |
| CHK-1067 - Mailbox auditing | | ✅ |
| CHK-1113 - Missing Roles | | ✅ |
| |
| CHK-1155 - Tenant creation | | ✅ |
| CHK-1522 - Resharing by guests | | ✅ |
| CHK-1322 - Limited admin roles | | ✅ |
| CHK-1320 - Customer Lockbox (2) | | ✅ |
| CHK-1325 Legacy authentication (Exchange) | | ✅ |
| CHK-1329 - 2 to 4 global admins | | ✅ |
| CHK-1056 - Security Group Creation | | ✅ |
| CHK-1523 - Legacy Authentication (SharePoint) | | ✅ |
| CHK-1150 - Directory Sync Softmatch | | ✅ |
| CHK-1021 - Modern Authentication (Exchange) | | ✅ |
| CHK-1160 - Hidden admin roles | | ✅ |
| Strong Passwords |
| CHK-1331 - Automatic password expiry | | ✅ |
| CHK-1333 - Self-service password reset | | ✅ |
| CHK-1147 - Custom banned password list | | ✅ |
| Breakglass |
| CHK-1053 - Initiation emergency account | | ✅ |
| CHK-1035 Emergency Access Account | | ✅ |
| CHK-1052 - Emergency Access Account Password | | ✅ |
| Multi-Factor Authentication |
| CHK-1327 - MFA for all users | | ✅ |
| CHK-1137 - Admin without MFA | | ✅ |
| CHK-1172 - Block device code flow authentication | | ✅ |
| CHK-1142 - Appname in MS authenticator | | ✅ |
| CHK-1173 - CA report-only policies present | | ✅ |
| CHK-1170 - FIDO2 Authentication | | ✅ |
| CHK-1140 - Pushnotification Microsoft Authenticator enabled | | ✅ |
| CHK-1141 - MFA number matching | | ✅ |
| CHK-1154 MFA Exclusion added | | ✅ |
| CHK-1153 - Location in MS Authenticator | | ✅ |
| CHK-1161 - MFA Block OTP | | ✅ |
| CHK-1164 - Block SMS sign-in | | ✅ |
| CHK-1328 - MFA enforced for admins | | ✅ |
| CHK-1168 - Monitor conditional access | | ✅ |
| CHK-1171 - Phishing-resistant MFA for Admins | | ✅ |
| CHK-1127 - Security defaults enabled | | ✅ |
| E-mail Protection |
| CHK-1065 - Spam notifications to administrator | | ✅ |
| CHK-1061 - Spamscanning exception | | ✅ |
| CHK-1024 - Malware notifications (outgoing) | | ✅ |
| CHK-1028 - Content filtering policy | | ✅ |
| CHK-1068 - Transport Rule redirects mail | | ✅ |
| CHK-1031 - External calendar sharing | | ✅ |
| CHK-1025 - Malware notification (incoming) | | ✅ |
| CHK-1026 - Outbound spam filter | | ✅ |
| CHK-1046 - Linkedin Synchronization | | ✅ |
| CHK-1036 - Remote domains and automatic forwarding | | ✅ |
| CHK-1049 - Auto-forwarding policy | | ✅ |
| CHK-1054 - Email plus-addressing | | ✅ |
| CHK-1064 - External storage in Outlook | | ✅ |
| Oauth apps |
| CHK-1146 - App-consent via Admin | | ✅ |
| CHK-1174 Application owners without admin rights | | ✅ |
| CHK-1120 - Limit App-registrations to admins | | ✅ |
| CHK-1128 - App consent policy | | ✅ |
| CHK-1163 - App certificate expires | | ✅ |
| CHK-1162 - App secret expires | | ✅ |
| Abnormal behaviour |
| CHK-1336 - User risk policy | | ✅ |
| CHK-1334 - Sign-in risk policy | | ✅ |
| Monitoring |
| CHK-1051 - Delegate Admins | | ✅ |
| CHK-1520 - Public SharePoint sites | | ✅ |
| CHK-1131 - Guest users with role assignment | | ✅ |
| CHK-1168 - Monitoring Conditional access | | ✅ |
| Domain & DNS |
| CHK-1057 - Autodiscover configured | | ✅ |
| Guests |
| CHK-1524 - SharePoint Invites | | ✅ |
| CHK-1522 - Resharing by guests | | ✅ |
| CHK-1152 - Guest user Invites | | ✅ |
| CHK-1151 - Access Guest Users | | ✅ |
| Teams |
| CHK-1623 - Block anonymous users to start meetings | | ✅ |
| CHK-1622 - Teams consumer chats | | ✅ |
| CHK-1621 - Teams Channels and email | | ✅ |
| CHK-1624 - Block anonymous users joining meetings | | ✅ |
| CHK-1620 - External storage in Teams | | ✅ |
| CHK-1625 - Scan Messages for Unsafe Links | | ✅ |
| CHK-1628 - Report a security concern | | ✅ |
| CHK-1626 - Scan Messages for Unsafe Files | | ✅ |
| System | | |
| CHK-1166 - Global admins non-local admins | | ✅ |
| CHK-1169 - LAPS and Entra ID | | ✅ |
| CHK-1165 - Minimize local admins | | ✅ |
| CHK-1149 - Botlocker keys not readable | | ✅ |
Opmerkingen
0 opmerkingen
U moet u aanmelden om een opmerking te plaatsen.