Valimail Enforce - DMARC Policy Weakened to None

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Content Index

---

This query searches for DMARC policies changed to 'none', which disables enforcement and leaves the domain vulnerable to spoofing and phishing attacks.

Attribute	Value
Type	Analytic Rule
Solution	ValimailEnforce
ID	44ec1fa4-a502-41ae-879a-3aad3557edce
Severity	High
Status	Available
Kind	Scheduled
Tactics	DefenseEvasion, InitialAccess
Techniques	T1566, T1562
Required Connectors	ValimailEnforce
Source	View on GitHub

Tables Used

This content item queries data from the following tables:

Table	Transformations	Ingestion API	Lake-Only
ValimailEnforceEvents_CL	?	✓	?

---

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Analytic Rules · Back to ValimailEnforce