cisagov ScubaGear issues

cisagov / ScubaGear

Automation to assess the state of your M365 tenant against CISA's baselines

https://www.cisa.gov/resources-tools/services/secure-cloud-business-applications-scuba-project

Creative Commons Zero v1.0 Universal

1.76k stars 226 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Clarify License Requirements in assumptions.md

#1439 adhilto opened 17 hours ago
0
Deprecate the -KeepIndividualJSON parameter

#1438 buidav opened 1 day ago
0
Validate the parameters passed into the Scuba config file

#1437 buidav opened 1 day ago
0
AccessDenied executing Get-MgBetaIdentityConditionalAccessPolicy

#1436 sam-i-am-clark opened 1 day ago
1
Convert baseline markdown files to text and HTML

#1435 james-garriss opened 1 day ago
0
Link in the sample-report broken

#1434 elysiumsecurityltd opened 3 days ago
3
Conduct hands-on examination of organization and user level audit settings for Exchange Online mailboxes

#1433 tkol2022 opened 3 days ago
0
Update SCB acronym to be synonymous with "Secure Configuration Baseline" for consistency

#1432 ahuynhMITRE opened 6 days ago
0
Update AAD.3.1v1 to include device-bound passkeys language and resource to AAD.3.1

#1431 ahuynhMITRE opened 6 days ago
0
Convert workflow testing code to functions

#1430 james-garriss closed 11 hours ago
3
Modify workflow code to use functions instead of modules

#1429 james-garriss closed 11 hours ago
0
Update schedule for functional test workflow

#1428 james-garriss closed 6 days ago
1
Modify functional test schedule to run on Thursday night

#1427 james-garriss closed 6 days ago
0
Add the report UUID to the ScubaResults.json filename

#1426 adhilto opened 1 week ago
26
Update Config file documentation and document ability to add organizational metadata to the config file

#1425 buidav opened 1 week ago
0
Added version update notification

#1424 twneale opened 1 week ago
0
Add service principal setup to functional testing documentation

#1423 ehaines1 closed 1 day ago
0
Append UUID to ScubaResults.json by default

#1422 buidav opened 1 week ago
0
Certificate error due to broken url

#1421 ahuynhMITRE opened 1 week ago
0
Proposal: Create a new EXO policy to check for users with Default or Anonymous mailbox folder permissions

#1420 tkol2022 opened 1 week ago
0
Proposal: Create a new EXO policy to check for users and groups that hold the ApplicationImpersonation role

#1419 tkol2022 opened 1 week ago
0
Proposal: Create a new Defender policy to disable PowerShell access to inboxes from non-administrative users

#1418 tkol2022 opened 1 week ago
0
Proposal: Create a new Defender policy to check for users with their mailbox audit logging bypassed

#1417 tkol2022 opened 1 week ago
0
Policy question: Does Defender policy 6.2 need updates since Microsoft changed their default logging events for standard license holders?

#1416 tkol2022 opened 1 week ago
0
Proposal: change name of Defender 6.1 policy to more accurately reflect which configuration ScubaGear actually checks

#1415 tkol2022 opened 1 week ago
0
Could not connect to SharePoint Online: Legacy Auth blocked by ADFS Claim rule

#1414 buidav opened 1 week ago
0
Update incorrect hyperlinks in SCB markdown

#1413 ahuynhMITRE closed 1 week ago
3
Correct omission in documentation about importing module when downloading from GitHub

#1412 james-garriss closed 6 days ago
1
Download documentation omits importing the module

#1411 james-garriss closed 6 days ago
0
Remove policy MS.SHAREPOINT4.2v1 due to Microsoft update to custom scripting settings

#1410 ahuynhMITRE opened 1 week ago
1
Update Microsoft.PowerApps.Administration.PowerShell to v2.0.200

#1409 schrolla opened 1 week ago
0
Remove extraneous SHALL from MS.DEFENDER.4.1

#1408 schrolla opened 2 weeks ago
0
sharepoint will be omitted from the output because of failed authentication

#1407 lexpr0 opened 2 weeks ago
8
improve performance of Defender query to count users without advanced auditing

#1406 tkol2022 closed 6 days ago
2
Failed to execute in Azure B2C

#1405 sotodan opened 2 weeks ago
4
Defender export provider inadvertently downloads user data when retrieving a count of users without advanced auditing

#1404 tkol2022 closed 6 days ago
6
Write unit tests for Invoke-PSSA

#1403 james-garriss opened 2 weeks ago
0
Move workflow code into functions and write unit tests for them

#1402 james-garriss opened 2 weeks ago
1
Improve functional test notifications

#1401 james-garriss closed 1 week ago
1
Code Update: Removal of decommissioning Custom Script SharePoint Online Settings from the rego and yaml files

#1400 ahuynhMITRE opened 2 weeks ago
0
SCB Update: Removal of decommissioning Custom Script SharePoint Online settings from the SCBs

#1399 ahuynhMITRE opened 2 weeks ago
0
Update Front Matter across SCBs and specific language in the Defender SCB to match OCC approved language

#1398 ahuynhMITRE closed 1 week ago
4
Determine risky permissions assignable from both Microsoft Graph and other APIs

#1397 mitchelbaker-cisa opened 2 weeks ago
1
Power Platform DLP Policy bug

#1396 desmay opened 2 weeks ago
7
Bump OPA version from v0.69.0 to v0.70.0

#1395 github-actions[bot] closed 12 hours ago
0
Conduct an impact analysis of Inbound SMTP DANE with DNSSEC for Exchange Online

#1394 tkol2022 opened 3 weeks ago
1
Update SCBs with new front matter text approved by OCC

#1393 ahuynhMITRE closed 1 week ago
0
Lionfish Documentation Updates

#1392 schrolla opened 3 weeks ago
0
Modify Connection module to read from JSON permissions file instead of hard coded values

#1391 tkol2022 opened 3 weeks ago
1
Fix schedule bug in nightly functional tests

#1390 james-garriss closed 3 weeks ago
0