Skip to main content

Jun 24, 2026

Threat-Led Posture Recommendations

Security Posture Management (SPM) now includes 15 first-party email posture policies for Microsoft 365, each researched against active 2025–2026 attack campaigns.

SPM now includes 15 first-party email posture policies for Microsoft 365, each researched against active 2025–2026 attack campaigns and mapped to MITRE ATT&CK. These cover real attacker-exploited configurations that generic CIS, NIST, and CISA benchmarks miss.

With this release:

  • Detect high-risk M365 email misconfigurations like unauthenticated Direct Send, mailbox forwarding and transport-rule persistence, Teams federation abuse from trial tenants, audit-log tampering, and more.
  • Each posture includes the threat context and step-by-step guided remediation, so you know what's being closed and why.
  • Export the ESPM evaluations page to a CSV for audits, compliance reviews, and reporting.

    Threat-led Benchmark

Protect Against Evolving Email Threats

See how behavioral AI detects attacks that legacy defenses miss.