5.9 Ensure the Malware Detections report is reviewed at least weekly

Information

You should review the Malware Detections report at least weekly. This report shows specific instances of Microsoft blocking a malware attachment from reaching your users.

Rationale:

While this report isn't strictly actionable, reviewing it will give you a sense of the overall volume of malware being targeted at your users, which may prompt you to adopt more aggressive malware mitigations.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

To review the report, use the Microsoft 365 Admin Center:

Select Security.

Click on Reports then select Email & collaboration reports.

Under Threat protection status click on View details

Review the chart and look for Email Malware statistics.

See Also

https://workbench.cisecurity.org/files/3729

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-6, 800-53|AU-6(1), 800-53|AU-7(1), CSCv7|6.2

Plugin: microsoft_azure

Control ID: 1b74d816cb92e7632c09ff90d5c832c3a2f033da7a38542b100688b292bfd582