LoFP
/
T1098.002
T1098.002
Title
Tags
fullaccess mailbox delegation may be assigned for legitimate purposes, filter as needed.
T1098.002
o365 tenant
splunk
mailbox folder permissions may be configured for legitimate purposes, filter as needed.
T1098.002
o365 tenant
splunk
the full_access_as_app api permission may be assigned to legitimate applications. filter as needed.
T1098.002
t1098.003
azure active directory
o365 tenant
splunk
while infrequent, the applicationimpersonation role may be granted for leigimate reasons, filter as needed.
T1098.002
o365 tenant
splunk