Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

What is the goal of the spoofing intelligence

Copper Contributor

hi 
i want to know what the goal of the sppofing inteligence in the microsoft 365 defender , and the goal of Tenant Allow/Block Lists

 

Zied_Berrima_0-1651675036708.png

 

1 Reply
This article does a pretty good job walking through the Anti-Spoofing Protection and how MSFT is working to defend against those threats.
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/anti-spoofing-protection...
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/learn-about-spoof-intell...

The Tenant Allow/Block is all about the admin override of those technologies.
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/manage-tenant-allows?vie...

Not 100 % but i suspect the goal is to move to the tenant and allow/block instead of using the traditional allow and block options in MDO. THis sis still the best practice i follow for doing allows.
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/create-safe-sender-lists...