
v0.5.0 — Defender O365 + Defender Cloud depth + CI matrix


@ibondarenko1 released this 23 May 18:55

+9 checks across Defender for Office 365 and Defender for Cloud, plus cross-platform CI matrix.

New Defender for O365 checks (+6, mock-mode)

  • ZAP (Zero-hour Auto Purge) for phish disabled — P2 (loses post-delivery threat removal)
  • ZAP for spam disabled — P3
  • Outbound spam recipient limit too permissive — P2 (compromised-account amplification)
  • Outbound spam no admin notification — P2 (threshold breaches invisible)
  • Transport rules count drift — P3 (review for stale rules)
  • Attack Simulation Training campaigns count — P3 (user-awareness baseline)
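As an added illustration (not the project's own code), a mock-mode evaluation of the ZAP and outbound-spam checks listed above: it reads constructed policy objects shaped like Get-HostedContentFilterPolicy and Get-HostedOutboundSpamFilterPolicy output and returns findings with the priorities given here. The 500/hour cut-off, the finding fields and the function name are assumptions.

```powershell
# Added example, not the project's own code: a mock-mode evaluation of four of
# the v0.5.0 Defender for Office 365 checks. Input objects are constructed to
# mirror Get-HostedContentFilterPolicy and Get-HostedOutboundSpamFilterPolicy
# output; the 500/hour threshold and the finding layout are assumptions.
function Test-O365MailHygiene {
    param(
        [Parameter(Mandatory)] [object[]] $ContentFilterPolicies,
        [Parameter(Mandatory)] [object[]] $OutboundSpamPolicies,
        [int] $MaxExternalRecipientsPerHour = 500   # assumed "too permissive" cut-off
    )
    $findings = [System.Collections.Generic.List[object]]::new()
    function Add-Finding($Priority, $Policy, $Check, $Detail) {
        $findings.Add([pscustomobject]@{ Priority = $Priority; Policy = $Policy; Check = $Check; Detail = $Detail })
    }
    foreach ($p in $ContentFilterPolicies) {
        if (-not $p.PhishZapEnabled) {
            Add-Finding 'P2' $p.Name 'ZAP for phish disabled' 'Post-delivery removal of phish messages is off'
        }
        if (-not $p.SpamZapEnabled) {
            Add-Finding 'P3' $p.Name 'ZAP for spam disabled' 'Post-delivery removal of spam messages is off'
        }
    }
    foreach ($p in $OutboundSpamPolicies) {
        # 0 leaves the limit at the service default rather than an explicit tenant value,
        # so it is reported alongside limits above the threshold.
        $limit = [int]$p.RecipientLimitExternalPerHour
        if ($limit -eq 0 -or $limit -gt $MaxExternalRecipientsPerHour) {
            Add-Finding 'P2' $p.Name 'Outbound spam recipient limit too permissive' "RecipientLimitExternalPerHour=$limit (cut-off: $MaxExternalRecipientsPerHour)"
        }
        if (-not $p.NotifyOutboundSpam -or -not $p.NotifyOutboundSpamRecipients) {
            Add-Finding 'P2' $p.Name 'Outbound spam no admin notification' 'NotifyOutboundSpam is off or has no recipients'
        }
    }
    return $findings
}

# Constructed mock policies (mock-mode run; no tenant connection needed)
$mockContent = @(
    [pscustomobject]@{ Name = 'Default'; PhishZapEnabled = $true;  SpamZapEnabled = $false }
    [pscustomobject]@{ Name = 'Legacy';  PhishZapEnabled = $false; SpamZapEnabled = $false }
)
$mockOutbound = @(
    [pscustomobject]@{ Name = 'Default'; RecipientLimitExternalPerHour = 0
                       NotifyOutboundSpam = $false; NotifyOutboundSpamRecipients = @() }
)
Test-O365MailHygiene -ContentFilterPolicies $mockContent -OutboundSpamPolicies $mockOutbound |
    Sort-Object Priority | Format-Table Priority, Policy, Check -AutoSize
```

With the mock data above the run yields five findings: three P2 (Legacy phish ZAP, recipient limit, missing notification) and two P3 (spam ZAP on both policies).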

New Defender for Cloud checks (+3)

  • Recommendation severity breakdown with High-count gating
  • Defender for AI plane status (informational, model tracking + prompt-injection threats)
  • Continuous export to Sentinel configured

CI matrix

GitHub Actions now runs Pester suite on:

  • ubuntu-latest (PowerShell 7)
  • windows-latest (PowerShell 7, plus native Windows PowerShell 5.1 coverage)
  • macos-latest (PowerShell 7)

Plus consolidated static-checks job: JSON validation, PSScriptAnalyzer (Error severity), KQL header check, fixture-data sanity check (non-synthetic GUID detection).

End-to-end mock: 58 findings

Up from 49 in v0.4.0. Distribution: 2 P1, 12 P2, 25 P3, 19 INFO.

Next: v0.6 (documentation depth)

Per-domain walkthroughs, threat model, FAQ, Architecture Decision Records.