Scuba gear m365 Each Rego file audits against the desired state for each product, per the SCuBA M365 secure configuration baseline documents. This ScubaGear is an assessment tool designed to verify the configuration of Microsoft 365 (M365) tenants against the Secure Cloud Business Applications (SCuBA) Security Configuration Baseline documents. Nov 28, 2022 · CISA has provided a tool on GitHub called SCuBA gear, which performs automatic evidence collection of where a M365 tenant matches up against the recommended baselines. This means software you are free to modify and distribute, such as applications licensed under the GNU General Public License, BSD license, MIT license, Apache license, etc. SHAREPOINT. The Rego folder holds the . Functions. Automation to assess the state of your M365 tenant against CISA's baselines - ScubaGear/README. ps1 script located in the root folder uses that module to execute the tool. 1v1 policy and references #1244 Dec 21, 2023 · When CISA initiated its Secure Cloud Business Applications (SCuBA) project, our goal was to elevate the federal government’s baseline for email and cloud environments by optimizing the security capabilities available within widely used products and services while enabling operational visibility at the enterprise-level in support of our shared cybersecurity mission. A community for sharing and promoting free/libre and open-source software (freedomware) on the Android platform. Dec 17, 2024 · SCuBA assessment tools for in-scope cloud tenants have been enrolled in the SCuBA continuous reporting solution or results submitted manually in the CyberScope SCuBA Tenant Inventory site. The RunSCuBA. Each rego file essentially audits against the "desired state" for each product, per the SCuBA M365 secure configuration baseline Nov 27, 2024 · Secure Cloud Business Applications (SCuBA) CISA (Cybersecurity and Infrastructure Security Agency) created the Secure Cloud Business Applications (SCuBA) project, which provides guidance and capabilities to secure agencies’ cloud business application environments and protect federal information that is created, accessed, shared, and stored in those environments. Desktop. ScubaGear is an assessment tool that verifies that a Microsoft 365 (M365) tenant’s configuration conforms to the policies described in the Secure Cloud Business Applications Secure Configuration Baseline documents. The main PowerShell module manifest SCuBA. SCuBA’s guidance aims to protect information that organizations create, access, share, or store in cloud environments. Dependencies. 4. In this article, I am going to show you how to run the tool and introduce you to a fork I created which additionally maps these recommendations to the CIS Controls. Note: This documentation can be read using GitHub Pages. Overview. Oct 23, 2024 · The SCuBA program provides a valuable assessment tool called ScubaGear to provide reports that help harden Microsoft 365 environments. psd1 is located in the PowerShell folder. Secure Cloud Business Applications (SCuBA) provides tailored cloud solutions guidance and secure configuration baselines (SCBs) for Microsoft 365 (M365) and Google Workspace (GWS) applications. . 2. ScubaGear uses a three-step process: Step One – PowerShell code queries M365 APIs for various configuration settings. It uses PowerShell to query M365 APIs for various configuration settings. It then delivers actionable security change insights and recommendations that allow the tenant administrator to close security gaps and attain a stronger defense within their M365 environment. PSEditions. Nov 18, 2024 · ScubaGear is an open-source tool the Cybersecurity and Infrastructure Security Agency (CISA) created to automatically evaluate Microsoft 365 (M365) configurations for potential security gaps. Add MITRE ATT&CK Mappings to all M365 secure configuration baselines #1106; Change Azure Active Directory namings in baselines to use Entra ID equivalent #1176; Remove MS. Sep 10, 2024 · ScubaGear is for M365 administrators who want to assess their tenant environments against CISA Secure Configuration Baselines. Apr 2, 2024 · CISA O365 M365 AzureAD Configuration Exchange Report Security SharePoint Defender Teams PowerPlatform OneDrive. Rego holds the . , and software that isn’t designed to restrict you in any way. For the mandatory policies identified as “failures,” follow the next steps below: Fix broken import path in Initialize-SCuBA #1363; See full list of bug fixes here; Baselines. md at main · cisagov/ScubaGear Automation to assess the state of your M365 tenant against CISA's baselines - cisagov/ScubaGear May 17, 2023 · Quick How-To on installing and running the app. Microsoft has worked together with CISA to produce and maintain the secure configuration baselines for ScubaGear as well as an accompanying PowerShell script tool to scan M365 environments. Dec 21, 2023 · CISA has published the finalized Microsoft 365 Secure Configuration Baselines, designed to bolster the security and resilience of organizations’ Microsoft 365 (M365) cloud services. rego files. Nov 13, 2024 · ScubaGear rapidly and thoroughly analyzes an organization’s M365 tenant configuration. Mar 9, 2024 · Tools You Should Know: ScubaGear Developed by CISA, ScubaGear is an assessment tool that verifies a Microsoft 365 (M365) tenant’s configuration conforms to the policies described in the Secure Cloud Business Applications (SCuBA) Security Configuration Baseline documents. Second – Open a browser and login into it using the newly created Global Administrator Account The main PowerShell module manifest SCuBA. Invoke-SCuBA Invoke-RunCached Disconnect-SCuBATenant Copy-ScubaBaselineDocument Install-OPA Initialize-SCuBA Debug-SCuBA Copy-ScubaSampleReport Copy-ScubaSampleConfigFile New-Config. The tool operates in three main steps: 1. First – Get Global Administrator permissions to the M365 Tenant. This guidance release is accompanied by the updated SCuBAGear tool that assesses organizations’ M365 cloud services per CISA’s recommended baselines. Testing contains code that is used during the development process to unit test Rego policies. pufzkdozgaxwgwasmknqwqsejpxcwymgkpuoguhulpoebh