Add MITRE ATT&CK TTP Mappings to M365 SCBs

[ahuynhMITRE]

💡 Summary

Adding MITRE ATT&CK TTP Mapping to each baseline policy matching the formatting done in GWS's SCBs.

Motivation and context

The alignment of the M365 SCB policies to their MITRE ATT&CK TTP mappings will allow the user of the SCBs to better understand the impact, specific threat models, and methodologies that are identified with our policies.

The format of the mappings will also mirror the format of the GWS SCBs to ensure consistency between the two products.

Implementation notes

• Add in the TTP mappings for all SCBs and policies matching the formatting shown in the markdown style guide listed below https://github.com/cisagov/ScubaGear/blob/Baseline-Markdown-Style-Guide/baselines/Example.md

Acceptance criteria

How do we know when this work is done?

• [x] MITRE ATT&CK TTP mappings are added to the following SCBs
  • [x] AAD
  • [x] Defender
  • [x] EXO
  • [x] SharePoint
  • [x] Teams
  • [x] PowerBI
  • [x] PowerPlatform
• [x] All mappings reflect the formatting found in the markdown style guide

[ahuynhMITRE]

moved to blocked due to the mappings still being in draft

[schrolla]

@ahuynhMITRE Are mappings still in draft form? If not, can this work be unblocked? Regardless, with little time left in the sprint, do we want to push this to the next sprint/release?

[schrolla]

Be sure to include mappings in updated Word doc for review as well.