Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Decompose Defender baseline policy associations with other M365 products #1554

Open
1 task
Tracked by #1508
schrolla opened this issue Feb 5, 2025 · 0 comments
Open
1 task
Tracked by #1508

Decompose Defender baseline policy associations with other M365 products #1554

schrolla opened this issue Feb 5, 2025 · 0 comments
Assignees
@schrolla
Labels
analysis-required This issue requires review or analysis work to complete baseline-document Issues relating to the text in the baseline documents themselves
Milestone
Marlin

Comments

@schrolla
Copy link
Collaborator

schrolla commented Feb 5, 2025
edited
Loading

💡 Summary

Develop a list of associations between current Defender policies and other M365 services.

Motivation and context

Defender largely protects other services in M365 within the scope of the SCuBA baselines. As a result, looking into alternative ways to represent those protections closest to the M365 service being protected. This may introduce some duplication across baselines, but the analysis will help determine if such duplication is reasonable to make the baselines more directly actionable for users.

Implementation notes

Please provide details for implementation, such as:

  • For every control in the Defender baseline analyze which other M365 services are protected
  • Document the list of associations between each Defender policy and protected M365 services
  • Not how Defender is used to protect or defend the M365 service and any specific policies associated
  • Note duplication among the associations/relationships between Defender and specific other SCB policies
    (e.g., Policy X and Y are both protected by Defender anti-spam protections)

Acceptance criteria

How do we know when this work is done?

  • A detailed mapping between Defender policies and other M365 services has been documented
@schrolla schrolla mentioned this issue Feb 5, 2025
Open
7 tasks
@schrolla schrolla added this to the Marlin milestone Feb 5, 2025
@schrolla schrolla added baseline-document Issues relating to the text in the baseline documents themselves analysis-required This issue requires review or analysis work to complete labels Feb 5, 2025
@schrolla schrolla self-assigned this Feb 5, 2025
@schrolla schrolla changed the title For each control in the Defender baseline, determine what policies, if any, would need to be added to the other baselines to not lose coverage. Decompose Defender control associations with other M365 products Feb 5, 2025
@schrolla schrolla changed the title Decompose Defender control associations with other M365 products Decompose Defender baseline policy associations with other M365 products Feb 5, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@schrolla schrolla

Labels
analysis-required This issue requires review or analysis work to complete baseline-document Issues relating to the text in the baseline documents themselves
Projects
None yet
Milestone
Marlin
Development

No branches or pull requests
1 participant
@schrolla