Emails SHALL be scanned for malware.

Why This Matters

Malware delivered through email remains one of the most common attack vectors for organizations. Without malware scanning enabled, malicious attachments and links can bypass your defenses and compromise user accounts, spread ransomware, or exfiltrate sensitive data. Enabling this check ensures that inbound, outbound, and internal email messages are inspected for known malware threats before they reach a user’s inbox.

What Aether365 Checks

This check verifies that your Microsoft 365 organization has malware scanning enabled for incoming and outgoing email traffic. It appears in the Aether365 dashboard under the microsoft-365 checks section.