What is the goal of the spoofing intelligence

%3CLINGO-SUB%20id%3D%22lingo-sub-3302440%22%20slang%3D%22fr-FR%22%3EWhat%20is%20the%20goal%20of%20the%20spoofing%20intelligence%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3302440%22%20slang%3D%22fr-FR%22%3E%3CP%3Ehi%20%3CBR%20%2F%3Ei%20want%20to%20know%20what%20the%20goal%20of%20the%20sppofing%20inteligence%20in%20the%20microsoft%20365%20defender%20%2C%20and%20the%20goal%20of%20Tenant%20Allow%2FBlock%20Lists%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Zied_Berrima_0-1651675036708.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F369154i99010D2D2DBED173%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22Zied_Berrima_0-1651675036708.png%22%20alt%3D%22Zied_Berrima_0-1651675036708.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-3302440%22%20slang%3D%22fr-FR%22%3E%3CLINGO-LABEL%3EMicrosoft%20Defender%20for%20Office%20365%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EThreat%20Intelligence%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3302479%22%20slang%3D%22en-US%22%3ERe%3A%20What%20is%20the%20goal%20of%20the%20spoofing%20intelligence%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3302479%22%20slang%3D%22en-US%22%3EThis%20article%20does%20a%20pretty%20good%20job%20walking%20through%20the%20Anti-Spoofing%20Protection%20and%20how%20MSFT%20is%20working%20to%20defend%20against%20those%20threats.%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fsecurity%2Foffice-365-security%2Fanti-spoofing-protection%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fsecurity%2Foffice-365-security%2Fanti-spoofing-protection%3Fview%3Do365-worldwide%3C%2FA%3E%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fsecurity%2Foffice-365-security%2Flearn-about-spoof-intelligence%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fsecurity%2Foffice-365-security%2Flearn-about-spoof-intelligence%3Fview%3Do365-worldwide%3C%2FA%3E%3CBR%20%2F%3E%3CBR%20%2F%3EThe%20Tenant%20Allow%2FBlock%20is%20all%20about%20the%20admin%20override%20of%20those%20technologies.%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fsecurity%2Foffice-365-security%2Fmanage-tenant-allows%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fsecurity%2Foffice-365-security%2Fmanage-tenant-allows%3Fview%3Do365-worldwide%3C%2FA%3E%3CBR%20%2F%3E%3CBR%20%2F%3ENot%20100%20%25%20but%20i%20suspect%20the%20goal%20is%20to%20move%20to%20the%20tenant%20and%20allow%2Fblock%20instead%20of%20using%20the%20traditional%20allow%20and%20block%20options%20in%20MDO.%20THis%20sis%20still%20the%20best%20practice%20i%20follow%20for%20doing%20allows.%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fsecurity%2Foffice-365-security%2Fcreate-safe-sender-lists-in-office-365%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fsecurity%2Foffice-365-security%2Fcreate-safe-sender-lists-in-office-365%3Fview%3Do365-worldwide%3C%2FA%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FLINGO-BODY%3E
Occasional Contributor

hi 
i want to know what the goal of the sppofing inteligence in the microsoft 365 defender , and the goal of Tenant Allow/Block Lists

 

Zied_Berrima_0-1651675036708.png

 

1 Reply
This article does a pretty good job walking through the Anti-Spoofing Protection and how MSFT is working to defend against those threats.
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/anti-spoofing-protection...
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/learn-about-spoof-intell...

The Tenant Allow/Block is all about the admin override of those technologies.
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/manage-tenant-allows?vie...

Not 100 % but i suspect the goal is to move to the tenant and allow/block instead of using the traditional allow and block options in MDO. THis sis still the best practice i follow for doing allows.
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/create-safe-sender-lists...