Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Detailed Report message - Gmail #84

Closed
Tracked by #90
amart241 opened this issue Dec 7, 2023 · 1 comment · Fixed by #278
Closed
Tracked by #90

Detailed Report message - Gmail #84

amart241 opened this issue Dec 7, 2023 · 1 comment · Fixed by #278
Assignees
@snarve
Labels
enhancement Low
Milestone
Barracuda

Comments

@amart241
Copy link
Collaborator

amart241 commented Dec 7, 2023
edited by snarve
Loading

Update Gmail baselines and add detailed report messages
@buidav buidav added this to the Backlog milestone Dec 8, 2023
@adhilto
Copy link
Collaborator

adhilto commented Feb 5, 2024

Potentially relevant code snippets from old repo:

2.1

MailDelegationSettingDetailsStr(LastEvent) = Description if {
LastEvent.NewValue == "false"
Description := concat("", ["Users are not allowed to delegate access to their mailbox in ", LastEvent.OrgUnit])
}

MailDelegationSettingDetailsStr(LastEvent) = Description if {
LastEvent.NewValue == "true"
Description := concat("", ["Users are allowed to delegate access to their mailbox in ", LastEvent.OrgUnit])
}

2.2

ConfidentialModeSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "false"
    Description := concat("", ["<span class=setting>Confidential mode is disabled for users </span> in ", LastEvent.OrgUnit])
}

ConfidentialModeSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "true"
    Description := concat("", ["<span class=setting>Confidential mode is enabled for users </span> in ", LastEvent.OrgUnit])
}

2.3

SMIMESettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "STATUS_ENABLED"
    Description := concat("", ["<span class=setting>S/MIME is enabled for Gmail messages </span> in ", LastEvent.OrgUnit])
}

SMIMESettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "STATUS_DISABLED"
    Description := concat("", ["<span class=setting>S/MIME is disabled for Gmail messages </span> in ", LastEvent.OrgUnit])
}

2.7.1

AttachmentProtectionsAutoUpdateSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "true"
    Description := concat("", ["<span class=setting>Future recommended settings for attachment protections are automatically applied by Google </span> in ", LastEvent.OrgUnit])
}

AttachmentProtectionsAutoUpdateSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "false"
    Description := concat("", ["<span class=setting>Future recommended settings for attachment protections are not automatically applied by Google </span> in ", LastEvent.OrgUnit])
}

2.7.2

AnomalousAttachmentSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "true"
    Description := concat("", ["<span class=setting>Attachment protection for anomalous attachment types is enabled </span> in ", LastEvent.OrgUnit])
}

AnomalousAttachmentSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "false"
    Description := concat("", ["<span class=setting>Attachment protection for anomalous attachment types is not enabled </span> in ", LastEvent.OrgUnit])
}

2.7.3

ScriptAttachmentSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "true"
    Description := concat("", ["<span class=setting>Attachment protection for attachments with scripts from untrusted senders is enabled</span> in ", LastEvent.OrgUnit])
}

ScriptAttachmentSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "false"
    Description := concat("", ["<span class=setting>Attachment protection for attachments with scripts from untrusted senders is not enabled</span> in ", LastEvent.OrgUnit])
}

2.7.4

EncryptedAttachmentSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "true"
    Description := concat("", ["<span class=setting>Attachment protection for encrypted attachments from untrusted senders is enabled</span> in ", LastEvent.OrgUnit])
}

EncryptedAttachmentSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "false"
    Description := concat("", ["<span class=setting>Attachment protection for encrypted attachments from untrusted senders is not enabled</span> in ", LastEvent.OrgUnit])
}

2.8.1


LinkExternalImageProtectionAutoUpdateSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "true"
    Description := concat("", ["<span class=setting>Future recommended settings for links and external images protections are automatically applied by Google </span> in ", LastEvent.OrgUnit])
}

LinkExternalImageProtectionAutoUpdateSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "false"
    Description := concat("", ["<span class=setting>Future recommended settings for links and external images protections are not automatically applied by Google </span> in ", LastEvent.OrgUnit])
}

2.8.2

WarningLinksUntrustedDomainsSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "true"
    Description := concat("", ["<span class=setting>Warning prompts are shown for any clicks on links to untrusted domains</span> in ", LastEvent.OrgUnit])
}

WarningLinksUntrustedDomainsSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "false"
    Description := concat("", ["<span class=setting>Warning prompts are not shown for any clicks on links to untrusted domains</span> in ", LastEvent.OrgUnit])
}

2.8.3

ScanLinkedImagesSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "true"
    Description := concat("", ["<span class=setting>Linked images are scanned</span> in ", LastEvent.OrgUnit])
}

ScanLinkedImagesSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "false"
    Description := concat("", ["<span class=setting>Linked images are not scanned</span> in ", LastEvent.OrgUnit])
}

2.8.4

IdentifyLinksURLsSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "true"
    Description := concat("", ["<span class=setting>Links behind shortened URLs are identified</span> in ", LastEvent.OrgUnit])
}

IdentifyLinksURLsSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "false"
    Description := concat("", ["<span class=setting>Links behind shortened URLs are not identified</span> in ", LastEvent.OrgUnit])
}

2.9.1

SpoofingAuthenticationProtectionsAutoUpdateSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "true"
    Description := concat("", ["<span class=setting>Future recommended settings for spoofing and authentication protections are automatically applied by Google </span> in ", LastEvent.OrgUnit])
}

SpoofingAuthenticationProtectionsAutoUpdateSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "false"
    Description := concat("", ["<span class=setting>Future recommended settings for spoofing and authentication protections are not automatically applied by Google </span> in ", LastEvent.OrgUnit])
}

2.9.2

InboundEmailDomainSpoofingGroupsSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "true"
    Description := concat("", ["<span class=setting>Groups are protected from inbound emails spoofing your domain </span> in ", LastEvent.OrgUnit])
}

InboundEmailDomainSpoofingGroupsSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "false"
    Description := concat("", ["<span class=setting>Groups are not protected from inbound emails spoofing your domain </span> in ", LastEvent.OrgUnit])
}

2.9.3

UnauthenticatedEmailProtectionSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "true"
    Description := concat("", ["<span class=setting>Protection against any unauthenticated emails is enabled </span> in ", LastEvent.OrgUnit])
}

UnauthenticatedEmailProtectionSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "false"
    Description := concat("", ["<span class=setting>Protection against any unauthenticated emails is not enabled </span> in ", LastEvent.OrgUnit])
}

2.9.4

InboundEmailDomainSpoofingSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "true"
    Description := concat("", ["<span class=setting>Protection against inbound emails spoofing your domain is enabled</span> in ", LastEvent.OrgUnit])
}

InboundEmailDomainSpoofingSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "false"
    Description := concat("", ["<span class=setting>Protection against inbound emails spoofing your domain is not enabled</span> in ", LastEvent.OrgUnit])
}

2.9.5


EmployeeNameSpoofingSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "true"
    Description := concat("", ["<span class=setting>Protection against spoofing of employee names is enabled</span> in ", LastEvent.OrgUnit])
}

EmployeeNameSpoofingSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "false"
    Description := concat("", ["<span class=setting>Protection against spoofing of employee names is not enabled</span> in ", LastEvent.OrgUnit])
}

2.9.6


SimilarDomainNameSpoofingSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "true"
    Description := concat("", ["<span class=setting>Protection against domain spoofing based on similar domain names is enabled</span> in ", LastEvent.OrgUnit])
}

SimilarDomainNameSpoofingSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "false"
    Description := concat("", ["<span class=setting>Protection against domain spoofing based on similar domain names is not enabled</span> in ", LastEvent.OrgUnit])
}

2.10

UserEmailUploadSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "true"
    Description := concat("", ["<span class=setting>User email uploads are enabled </span> in ", LastEvent.OrgUnit])
}

UserEmailUploadSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "false"
    Description := concat("", ["<span class=setting>User email uploads are not enabled </span> in ", LastEvent.OrgUnit])
}

2.11.1


PopAccessSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "true"
    Description := concat("", ["<span class=setting>POP access for users is enabled </span> in ", LastEvent.OrgUnit])
}

PopAccessSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "false"
    Description := concat("", ["<span class=setting>POP access for users is not enabled </span> in ", LastEvent.OrgUnit])
}

2.11.2


ImapAccessSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "ENABLED_FOR_ALL_MAIL_CLIENTS"
    Description := concat("", ["<span class=setting>IMAP access for users is enabled </span> in ", LastEvent.OrgUnit])
}

ImapAccessSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "DISABLED"
    Description := concat("", ["<span class=setting>IMAP access for users is not enabled </span> in ", LastEvent.OrgUnit])
}

2.12


GoogleWorkspaceSyncSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "true"
    Description := concat("", ["<span class=setting>Google Workspace Sync for Microsoft Outlook is enabled </span> in ", LastEvent.OrgUnit])
}

GoogleWorkspaceSyncSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "false"
    Description := concat("", ["<span class=setting>Google Workspace Sync for Microsoft Outlook is not enabled </span> in ", LastEvent.OrgUnit])
}

2.13


AutomaticForwardingSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "true"
    Description := concat("", ["<span class=setting>Users are allowed to automatically forward incoming email to another address </span> in ", LastEvent.OrgUnit])
}

AutomaticForwardingSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "false"
    Description := concat("", ["<span class=setting>Users are not allowed to automatically forward incoming email to another address </span> in ", LastEvent.OrgUnit])
}

2.14

ImageUrlProxyWhitelistsSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "1"
    Description := concat("", ["<span class=setting>Image URL proxy allowlist is enabled </span> in ", LastEvent.OrgUnit])
}

ImageUrlProxyWhitelistsSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "DEFAULT"
    Description := concat("", ["<span class=setting>Image URL proxy allowlist is not enabled </span> in ", LastEvent.OrgUnit])
}

2.15


PerUserOutboundGatewaySettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "true"
    Description := concat("", ["<span class=setting>Users are allowed to send mail through an external SMTP server when configuring a from address hosted outside your email domain </span> in ", LastEvent.OrgUnit])
}

PerUserOutboundGatewaySettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "false"
    Description := concat("", ["<span class=setting>Users are not allowed to send mail through an external SMTP server when configuring a from address hosted outside your email domain </span> in ", LastEvent.OrgUnit])
}

2.16


ExternalReplyWarningSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "true"
    Description := concat("", ["<span class=setting>Users are warned before they reply to email with external recipients who aren't in their contacts </span> in ", LastEvent.OrgUnit])
}

ExternalReplyWarningSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "false"
    Description := concat("", ["<span class=setting>Users are not warned before they reply to email with external recipients who aren't in their contacts </span> in ", LastEvent.OrgUnit])
}

2.17

EmailAllowlistSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue != "[]"
    Description := concat("", ["<span class=setting>Email allowlists are enabled </span> in ", LastEvent.DomainName])
}

EmailAllowlistSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "[]"
    Description := concat("", ["<span class=setting>Email allowlists are not enabled </span> in ", LastEvent.DomainName])
}

2.18


EnhancedPreDeliveryMessageScanningSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "true"
    Description := concat("", ["<span class=setting>Improved detection of suspicious content prior to delivery is enabled </span> in ", LastEvent.OrgUnit])
}

EnhancedPreDeliveryMessageScanningSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "false"
    Description := concat("", ["<span class=setting>Improved detection of suspicious content prior to delivery is not enabled </span> in ", LastEvent.OrgUnit])
}

2.19

SecuritySandboxSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "true"
    Description := concat("", ["<span class=setting>Virtual execution of attachments in a sandbox environment for all users is enabled </span> in ", LastEvent.OrgUnit])
}

SecuritySandboxSettingDetailsStr(LastEvent) = Description if {
    LastEvent.NewValue == "false"
    Description := concat("", ["<span class=setting>Virtual execution of attachments in a sandbox environment for all users is not enabled </span> in ", LastEvent.OrgUnit])
}

@adhilto adhilto mentioned this issue Feb 5, 2024
Open
10 tasks
@snarve snarve self-assigned this Mar 6, 2024
snarve added a commit that referenced this issue Apr 2, 2024
@snarve
[#84, #197] Group override and detailed report for policy 1 through 5
da26359
snarve added a commit that referenced this issue Apr 2, 2024
@snarve
[#84, 197] Policy 6 updated
1c07082
snarve added a commit that referenced this issue Apr 3, 2024
@snarve
[#84] Policy 6, 7, 8 and 9 done
6498656
snarve added a commit that referenced this issue Apr 3, 2024
@snarve
[#84] All policies updated
d1349fa
@snarve snarve mentioned this issue Apr 11, 2024
Closed
6 tasks
snarve added a commit that referenced this issue Apr 12, 2024
@snarve
[#84] Unit tests and rego code updates
6e57616
snarve added a commit that referenced this issue Apr 15, 2024
@snarve
[#84] Update unit tests
9a3868f
snarve added a commit that referenced this issue Apr 15, 2024
@snarve
[#84] Update unit tests for policy #7
560b4f4
snarve added a commit that referenced this issue Apr 15, 2024
@snarve
[#84] Update unit tests for policy 7
bd241b3
snarve added a commit that referenced this issue Apr 16, 2024
@snarve
[#84] More unit tests updates
1d0c2b8
snarve added a commit that referenced this issue Apr 18, 2024
@snarve
[#84] Resolve errors
94e99fd
snarve added a commit that referenced this issue May 9, 2024
@snarve
[#84] Unit tests updates
8748b24
snarve added a commit that referenced this issue May 9, 2024
@snarve
[#84] Fix errors in unit tests
17e230c
@snarve snarve mentioned this issue May 9, 2024
Merged
14 tasks
@snarve snarve linked a pull request May 9, 2024 that will close this issue
[#84] Detailed report message Gmail #278
Merged
14 tasks
snarve added a commit that referenced this issue May 9, 2024
@snarve
[#84] Remove linter errors
6c67dd1
snarve added a commit that referenced this issue May 9, 2024
@snarve
[#84] More linter errors
e74231f
snarve added a commit that referenced this issue May 9, 2024
@snarve
[#84] Final linter improvements
efd3273
snarve added a commit that referenced this issue May 10, 2024
@snarve
[#84] Another linter update
92342a6
snarve added a commit that referenced this issue May 10, 2024
@snarve
[#84] Linter update
45d289d
snarve added a commit that referenced this issue May 21, 2024
@snarve
[#84] MR updates
8d6644e
snarve added a commit that referenced this issue May 21, 2024
@snarve
[#84] Fix unit tests to sync with MR updates
be3f27c
snarve added a commit that referenced this issue May 22, 2024
@snarve
[#84] More MR updates
45a2466
snarve added a commit that referenced this issue May 27, 2024
@snarve
[#84] Add detailed report message for policies with multiple settings
4fbc010
snarve added a commit that referenced this issue May 27, 2024
@snarve
[#84] Add friendly message for policy 5
6745ab1
snarve added a commit that referenced this issue May 27, 2024
@snarve
[#84] Fix typo
e04f7ed
snarve added a commit that referenced this issue May 27, 2024
@snarve
[#84] Unit tests updates
7d9e80c
snarve added a commit that referenced this issue May 28, 2024
@snarve
[#84] Fixed unit tests
a494c76
snarve added a commit that referenced this issue May 28, 2024
@snarve
[#84] Linter fix
9107923
snarve added a commit that referenced this issue May 30, 2024
@snarve
[#84] Update policy 9
4ba3df6
snarve added a commit that referenced this issue May 30, 2024
@snarve
[#84] Update unit tests for policy 9
87ca89c
snarve added a commit that referenced this issue May 30, 2024
@snarve
[#84] missing comma
648e8eb
snarve added a commit that referenced this issue May 30, 2024
@snarve
[#84] Add support for Group for policy 9
06c4296
snarve added a commit that referenced this issue May 30, 2024
@snarve
[#84] Fix unit tests report details for policy 9
2b15ab8
snarve added a commit that referenced this issue May 30, 2024
@snarve
[#84] Linter request
dee75ea
snarve added a commit that referenced this issue May 30, 2024
@snarve
[#84] Linter request
9fd5d40
snarve added a commit that referenced this issue May 30, 2024
@snarve
[#84] Linter request
78e016e
snarve added a commit that referenced this issue Jun 3, 2024
@snarve
[#84] Added back comment for consistency
750ece5
adhilto added a commit that referenced this issue Jun 3, 2024
@snarve @adhilto
[#84] Detailed report message Gmail (#278)
a6afc84 
*  Group override and detailed report for Gmail

---------

Co-authored-by: Alden Hilton <106177711+adhilto@users.noreply.github.com>
Co-authored-by: Alden Hilton <adhilto@sandia.gov>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@snarve snarve

Labels
enhancement Low
Projects
None yet
Milestone
Barracuda
Development

Successfully merging a pull request may close this issue.

[#84] Detailed report message Gmail cisagov/ScubaGoggles
4 participants
@buidav @amart241 @adhilto @snarve