Emails identified as containing malware SHALL be quarantined or dropped.

Why This Matters

Malware in email poses one of the most direct threats to an organization’s security posture, as malicious attachments or links can compromise endpoints, exfiltrate data, or deploy ransomware. Without a policy to quarantine or drop messages containing malware, these threats can reach user inboxes and bypass other security layers. For IT administrators, ensuring malware emails are intercepted and isolated is critical to preventing widespread incidents.

What Aether365 Checks

This check verifies that your Exchange Online transport rule or anti-malware policy is configured to quarantine or drop emails identified as containing malware. It appears in the Aether365 dashboard under the Microsoft 365 security checks section, providing a clear pass or fail status for this control.