mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-26 03:34:37 +03:00
mukul975
29 lines
1.3 KiB
Markdown
29 lines
1.3 KiB
Markdown
# Standards & References: Building Phishing Reporting Button Workflow
|
|
|
|
## MITRE ATT&CK References
|
|
- **T1566.001**: Phishing: Spearphishing Attachment
|
|
- **T1566.002**: Phishing: Spearphishing Link
|
|
- **T1204**: User Execution
|
|
- **D3-RERE**: User Reporting (MITRE D3FEND)
|
|
|
|
## Industry Standards
|
|
- **NIST SP 800-61 Rev.2**: Computer Security Incident Handling Guide
|
|
- **CIS Controls v8 Control 14**: Security Awareness and Skills Training
|
|
- **ISO 27001 A.6.3**: Information Security Awareness, Education and Training
|
|
|
|
## Reporting Platform Comparison
|
|
| Platform | Type | Integration | Auto-Triage |
|
|
|---|---|---|---|
|
|
| Microsoft Report Button | Built-in | M365 native | Via Sentinel/API |
|
|
| Cofense Reporter + Triage | Third-party | M365, Google | Yes (Cofense Triage) |
|
|
| KnowBe4 PAB | Third-party | M365, Google | Yes (KMSAT) |
|
|
| Proofpoint CLEAR | Third-party | M365, Google | Yes (built-in) |
|
|
| Hoxhunt | Third-party | M365, Google | Yes (AI-powered) |
|
|
|
|
## Key Metrics
|
|
- **Report Rate**: Percentage of phishing simulations reported (target: >70%)
|
|
- **Mean Time to Triage**: Time from report to classification (target: <10 min)
|
|
- **False Positive Rate**: Legitimate emails reported as phishing
|
|
- **Threat Catch Rate**: Real threats first detected by user reports
|
|
- **Reporter Accuracy**: Percentage of reports that are actual threats
|