Add MITRE ATT&CK mappings for October 2025 Release #907
Description
Prerequisites
- This issue has an informative and human-readable title.
💡 Summary
Add MITRE ATT&CK TTP mappings updated in October 2025 to existing baseline Policies:
Motivation and context
New MITRE ATT&CK TTPs to Policy Mappings were found that need to be reflected in the updated policy baselines.
GWS.CHAT.4.1v0.6 - T1213.005: Data from Information Repositories: Messaging Applications
GWS.GMAIL.2.1v0.6 - T1672: Email Spoofing
GWS.GMAIL.2.1v0.6 - T1598.003: Phishing for Information: Spearphishing Link
GWS.GMAIL.3.1v0.6 - T1672: Email Spoofing
GWS.GMAIL.3.1v0.6 - T1598.003: Phishing for Information: Spearphishing Link
GWS.GMAIL.4.1v0.6 - T1672: Email Spoofing
GWS.GMAIL.4.1v0.6 - T1598.003: Phishing for Information: Spearphishing Link
GWS.GMAIL.4.2v0.6 - T1672: Email Spoofing
GWS.GMAIL.11.1v0.6 - T1589.002: Gather Victim Identity Information: Email Addresses
Implementation notes
Add the updated mappings to the baseline files.
Acceptance criteria
- [] All new updated mappings are reflected in baseline files