Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

v0.2.0 release #24

Merged
merged 3 commits into from
Dec 16, 2022
Merged

v0.2.0 release #24

merged 3 commits into from
Dec 16, 2022

Conversation

ethanb-cisa
Copy link
Contributor

v.0.2.0 release

Major Changes

  • Use cmdlet Invoke-SCuBA to start an assessment. Removed RunSCuBA.ps1. See README for more.
  • Added GCC-H/DOD endpoints. Use the -M365Environment parameter.
  • Exchange, Defender for Office 365, and Teams can now be run with the Global Reader role instead of administrator permissions.
  • Removed Graph API Scope Policy.ReadWRITE.AuthenticationMethod.
  • Added Disconnect-SCuBATenant cmdlet and Invoke-SCuBA -DisconnectOnExit option to help manage connections to multiple tenants. Using either method will make your next run connect to a new tenant.

Documentation

  • Significant changes to the README for clarity and new usage examples and a cool diagram.
  • Updated links in the HTML report to reference CISA's SCuBA website and the baseline documents.
  • Added the tenant name and tenantId to the HTML report to help determine which tenant was assessed.
  • AAD report now includes a warning that exclusions to Conditional Access Policies are not evaluated and that may impact your compliance with certain controls.
  • Added a sample-report folder to the repository that will be updated with the latest report template each release. Thanks to public suggestion. Sample Report Output #2

Code

  • Refactored the Power Platform exclusive -Endpoint parameter to the -M365Environment parameter to support connecting to different endpoints for any product.
  • Required dependencies are now checked on module import.
  • Added * parameter to the ProductNames parameter in Invoke-SCuBA to run all products
  • Setup.ps1 now only installs modules if they are not already installed based on a minimum version.
  • Improved error handling in some providers. Others will be updated in the next release.
  • Improved code documentation to enable Get-Help functionality.
  • Tool now increases PowerShell's $MaximumFunctionCount to support all the cmdlets exported by MS Graph.
  • Fixed bug with Teams provider and JSON parsing. See: Getting an unable to parse input: yaml error #12

Rego/Policies

  • Fixed Rego check for OneDrive policy 2.4, which resulted in incorrect results.
  • Fixed Rego check for Defender 2.7 and 2.8, which resulted in incorrect results.
  • Added support for Exchange policy 2.6 bullet 8, which was not previously implemented.
  • Removed automation support for part of SharePoint policy 2.5 (Prevent users from running custom script on personal sites), due to a bug with comparison logic. Hope to have it added back in the next release.

Baselines

  • No changes. We do not anticipate making edits to the baseline documents until Q2 2023.

@ethanb-cisa ethanb-cisa self-assigned this Dec 16, 2022
Copy link
Collaborator

@gdasher gdasher left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Copy link
Collaborator

@buidav buidav left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A new line was added from the merge with main. Doesn't look like it's breaking anything though, so just fix before merging.

.github/workflows/run_opa_tests.yaml Outdated Show resolved Hide resolved
Co-authored-by: buidav <105074908+buidav@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

3 participants