search

cisagov / ScubaGoggles

SCuBA Secure Configuration Baselines and assessment tool for Google Workspace
https://www.cisa.gov/resources-tools/services/secure-cloud-business-applications-scuba-project
Creative Commons Zero v1.0 Universal
164 stars 22 forks source link

GWS.COMMONCONTROLS.11.2v0.3 does not detect setting inheritance #465

Open adhilto opened 1 month ago

adhilto commented 1 month ago

🐛 Summary

GWS.COMMONCONTROLS.11.2v0.3 does not detect setting inheritance (for both OUs and groups)

To reproduce

  1. Follow https://github.com/cisagov/ScubaGoggles/blob/main/baselines/commoncontrols.md#gwscommoncontrols112v03-instructions. Ensure there is an event for the top-level OU
  2. Make a child OU or a group non-compliant.
  3. Click "Inherit" (or "Unset" for a group).
  4. Run ScubaGoggles. The child OU or group will still show as non-compliant.

Expected behavior

The child OU / group to show as compliant if it inherits from its parent.

Any helpful log output or screenshots

N/A