Address EXO comment and structural changes in the baseline document #436

buidav · 2023-07-13T16:10:47Z

🗣 Description

Reformatted the baseline document with new structure and policy identifiers
Refine and update policy statements to address pilot feedback.
Updated implementation steps for any out-of-date instructions
Address the EXO baseline portion of Fix EXO deprecated alert policies in MS.EXO.16.1 #29 . Code updates need to be made in defender.

Added to this PR from the TODOs.

address mirrored Defender policies. Standardize the structure and language for the mirrored Defender policies in Teams and EXO #435
address Purview Audit name change Update Microsoft compliance product and portal names in baselines #277

TODO: address code updates in #429
TODO: add rationale to the baseline document Issue: #434 PR: #447

💭 Motivation and context

Looks like closing keywords no longer work if the base branch isn't the default branch?

closes #285
closes #247

🧪 Testing

Retested instructions for the EXO policies on commercial and GCC tenants.
Addressed comments in the comments matrix.

✅ Pre-approval checklist

This PR has an informative and human-readable title.
Changes are limited to a single goal - eschew scope creep!
All future TODOs are captured in issues, which are referenced
in code comments.
All relevant type-of-change labels have been added.
All relevant repo and/or project documentation has been updated
to reflect the changes in this PR.

✅ Pre-merge checklist

✅ Post-merge checklist

schrolla

Part 1 of my review that covers Introduction through DLP (Section 8). I split my comments up so I could get this set out for remediation as I work on the remainder in a separate review. Part 2 is my highest priority to complete next.

baselines/exo.md

schrolla

See individual comments. Many are simply updating the Defender mappings to point to the new policy group names rather than the SHALL/SHOULD old style naming.

baselines/exo.md

buidav · 2023-07-19T19:12:38Z

@schrolla Addressed all of your comments. Comments addressed have a 👍🚀.
Ready for another pass.

baselines/exo.md

buidav · 2023-07-20T18:01:26Z

@Dylan-MITRE Addressed your feedback. I'm avoiding commenting directly because the unit tests are running every time I submit a comment 😱. Any comment with a 👍🚀 means I've addressed it with your suggestion.

@schrolla changed the links to Defender to be relative.
Looking at it now a replace all to the absolute path for the pdf version should be achievable with little work.

baselines/exo.md

schrolla

Found two minor typos when looking over other revisions made. Should be a quick fix with the suggestions to remove the extra character.

baselines/exo.md

Co-authored-by: Addam Schroll <108814318+schrolla@users.noreply.github.com>

…436) * adjudicate exo comments and refactor implementation * address #29 in the baseline document * Update baselines/exo.md Co-authored-by: Addam Schroll <108814318+schrolla@users.noreply.github.com> * Update baselines/exo.md Co-authored-by: Addam Schroll <108814318+schrolla@users.noreply.github.com> * Update baselines/exo.md Co-authored-by: Addam Schroll <108814318+schrolla@users.noreply.github.com> * Update baselines/exo.md Co-authored-by: Addam Schroll <108814318+schrolla@users.noreply.github.com> * Get-OrganizationConfig Spacing Co-authored-by: Addam Schroll <108814318+schrolla@users.noreply.github.com> * Defender apostrophe typo fix Co-authored-by: Addam Schroll <108814318+schrolla@users.noreply.github.com> * first pass at addressing comments * address all current feedback * clean up Defender duplicated policy linking * clean up missing clarification * address 2nd round of feedback * clean up the defender links round 2 * fix the brain fart * Update baselines/exo.md Co-authored-by: Addam Schroll <108814318+schrolla@users.noreply.github.com> * spacing the rationale --------- Co-authored-by: Addam Schroll <108814318+schrolla@users.noreply.github.com>

buidav added the baseline-document Issues relating to the text in the baseline documents themselves label Jul 13, 2023

buidav added this to the Emerald milestone Jul 13, 2023

buidav requested review from Dylan-MITRE and schrolla July 13, 2023 16:10

buidav self-assigned this Jul 13, 2023

buidav changed the base branch from main to emerald July 13, 2023 16:10

schrolla requested changes Jul 14, 2023

View reviewed changes

schrolla force-pushed the emerald branch from 34037da to a31e6c0 Compare July 17, 2023 13:27

buidav force-pushed the 285-clarify-several-polices-in-exo-2 branch from 683f409 to 31577eb Compare July 17, 2023 20:13

schrolla requested changes Jul 18, 2023

View reviewed changes

buidav force-pushed the 285-clarify-several-polices-in-exo-2 branch from 58fa8e4 to 1ad2362 Compare July 19, 2023 04:38

buidav requested a review from schrolla July 19, 2023 19:12