cisagov/ScubaGear issues and pull requests

#1554 - Decompose Defender baseline policy associations with other M365 products

Issue - State: open - Opened by schrolla 3 days ago
Labels: baseline-document, analysis-required

#1553 - Create and Update client certificates for Automation processes

Issue - State: open - Opened by tkol2022 3 days ago
Labels: infrastructure

#1552 - Update the OPA Version Bump Workflow to automatically run an OPA unit test and a smoke test with the new version

Issue - State: open - Opened by buidav 5 days ago
Labels: enhancement

#1551 - Tune MS.EXO.1.1v1 to allow for exceptional cases

Issue - State: open - Opened by buidav 5 days ago
Labels: enhancement, baseline-document

#1550 - Bump OPA version from v1.0.1 to v1.1.0

Pull Request - State: open - Opened by github-actions[bot] 5 days ago
Labels: version bump

#1549 - Add rego checks to test AAD policy with Authenticator

Pull Request - State: open - Opened by ehaines1 5 days ago - 8 comments
Labels: bug, public-reported

#1548 - Update conditional statement in CreateReport.psm1 for new SHALL/Conditional policies

Issue - State: open - Opened by ahuynhMITRE 5 days ago
Labels: enhancement

#1547 - Config file error message for duplicate keys fixed and improved

Pull Request - State: open - Opened by amart241 5 days ago - 2 comments
Labels: enhancement

#1546 - Update PowerShellGet to current version

Issue - State: open - Opened by james-garriss 5 days ago - 1 comment
Labels: enhancement

#1545 - Teams functional test for policy 4.1 is failing for both compliant and non-complaint cases

Issue - State: open - Opened by nanda-katikaneni 8 days ago
Labels: bug, Testing

#1544 - check for the use of microsoft authenticator otps

Pull Request - State: closed - Opened by ehaines1 8 days ago - 1 comment
Labels: bug

#1543 - Running Invoke-ScubaCached on the same JSON file causes System out of memory error

Issue - State: open - Opened by buidav 9 days ago
Labels: bug

#1542 - EXO - A parameter cannot be found that matches parameter name 'CertThumbprintParams'

Issue - State: open - Opened by VNerdIO 9 days ago
Labels: public-reported

#1541 - Exo provider finishes with error : The term 'Get-RemoteDomain' is not recognized as the name of a cmdlet

Issue - State: closed - Opened by slavag 9 days ago
Labels: public-reported

#1540 - Teams baselines: create a new baseline to restrict tenant users joining externally organized meetings and update ScubaGear to check the new policy

Issue - State: open - Opened by nanda-katikaneni 9 days ago
Labels: enhancement, baseline-document

#1539 - Update diagnostic data collection automation script

Issue - State: open - Opened by schrolla 10 days ago
Labels: enhancement

#1538 - Test the output of ScubaGear's basic commands

Pull Request - State: open - Opened by james-garriss 10 days ago
Labels: enhancement

#1537 - Add Rego checks for Application & role Exclusions and be consistent across Conditional Access Policies

Pull Request - State: open - Opened by dagarwal-mitre 11 days ago - 8 comments
Labels: bug

#1536 - Unable to autheticate after MFA

Issue - State: open - Opened by Jpeezzee 11 days ago - 2 comments
Labels: public-reported

#1535 - Bump OPA version from v0.70.0 to v1.1.0

Pull Request - State: closed - Opened by github-actions[bot] 12 days ago - 1 comment
Labels: version bump

#1534 - Ensure long DNS text records aren't split

Issue - State: open - Opened by adhilto 12 days ago
Labels: bug

#1533 - Add DNS Configuration Options

Issue - State: open - Opened by adhilto 12 days ago
Labels: enhancement

#1532 - MS.AAD.6.1v1 User passwords SHALL NOT expire. will not pass when non-root domains are in play

Issue - State: open - Opened by rbryndoi 12 days ago - 2 comments
Labels: public-reported

#1531 - Inconsistent naming across repository folders

Issue - State: open - Opened by schrolla 12 days ago
Labels: enhancement

#1530 - Updated Microsoft.PowerApps.Administration.PowerShell min/max versions

Pull Request - State: closed - Opened by schrolla 16 days ago - 1 comment
Labels: upstream update

#1529 - Revise Entra report header with new exclusion info and documentation name

Pull Request - State: closed - Opened by schrolla 16 days ago - 1 comment
Labels: documentation

#1528 - Remove outdated parameters from sample config files

Pull Request - State: closed - Opened by schrolla 16 days ago - 7 comments
Labels: bug, documentation

#1527 - OPAPath in sample configs uses old default

Issue - State: closed - Opened by schrolla 16 days ago
Labels: bug, documentation

#1526 - Bump OPA version from v0.70.0 to v1.0.1

Pull Request - State: closed - Opened by github-actions[bot] 18 days ago - 1 comment
Labels: version bump

#1525 - Research alternatives to Selenium

Issue - State: open - Opened by james-garriss 18 days ago
Labels: enhancement, Testing

#1524 - Update code signing certificate in siging workflow

Issue - State: open - Opened by schrolla 22 days ago
Labels: infrastructure

#1523 - Determine need for and draft new or updated baseline policies related to service principal security

Issue - State: open - Opened by schrolla 22 days ago - 1 comment

#1522 - Set of tenant configuration changes developed to mitigate vulnerabilities tested

Issue - State: open - Opened by schrolla 22 days ago - 1 comment

#1521 - Write unit tests for build and sign release

Pull Request - State: closed - Opened by james-garriss 22 days ago - 2 comments
Labels: enhancement, infrastructure

#1520 - Create functional tests for Azure Sign Tool

Issue - State: open - Opened by james-garriss 22 days ago
Labels: Testing

#1519 - Add support for markdown report output

Issue - State: open - Opened by jed-exotic 23 days ago - 2 comments
Labels: public-reported

#1519 - Add support for markdown report output

Issue - State: closed - Opened by jed-exotic 23 days ago - 3 comments
Labels: public-reported

#1518 - Add Support for SARIF format in

Issue - State: open - Opened by macko76 23 days ago
Labels: public-reported

#1518 - Add Support for SARIF format in

Issue - State: closed - Opened by macko76 23 days ago - 1 comment
Labels: public-reported

#1517 - onedrive is still listed as a valid product name in sample configuration files

Issue - State: closed - Opened by mitchelbaker-cisa 23 days ago
Labels: bug

#1517 - onedrive is still listed as a valid product name in sample configuration files

Issue - State: open - Opened by mitchelbaker-cisa 23 days ago
Labels: bug

#1516 - Create documentation for how to use Invoke-ScubaCached

Issue - State: open - Opened by buidav 23 days ago
Labels: documentation

#1516 - Create documentation for how to use Invoke-ScubaCached

Issue - State: open - Opened by buidav 23 days ago
Labels: documentation

#1515 - Add Defender configuration options documentation

Pull Request - State: closed - Opened by schrolla 24 days ago - 3 comments
Labels: documentation, enhancement

#1514 - Program ScubaGear to ignore the coexistence domain for DMARC

Issue - State: open - Opened by adhilto 25 days ago
Labels: enhancement

#1513 - defender throwing error with certificate authentication

Issue - State: closed - Opened by reevesjeremy 25 days ago - 3 comments
Labels: public-reported, troubleshooting

#1512 - Review and implement pipeline security best practices

Issue - State: open - Opened by schrolla 26 days ago
Labels: epic

#1511 - Errors when running SCUBA Gear

Issue - State: open - Opened by ssy-lehmann 26 days ago - 7 comments
Labels: question, public-reported, troubleshooting

#1510 - Get-ScubaSpfRecord returns in rdata all TXT records not only SPF

Issue - State: open - Opened by slavag 29 days ago - 5 comments
Labels: public-reported

#1509 - Set version of AST in a config file

Issue - State: open - Opened by james-garriss 30 days ago
Labels: enhancement, infrastructure

#1508 - Explore incorporating Defender into the other baselines

Issue - State: open - Opened by adhilto 30 days ago
Labels: epic, baseline-document

#1507 - Verify that secrets pulled from AKV are not sent to GitHub logs

Issue - State: open - Opened by james-garriss 30 days ago - 1 comment
Labels: enhancement, infrastructure

#1506 - Document current state of static and dynamic code review for ScubaGear code and pipeline actions

Issue - State: open - Opened by ahuynhMITRE 30 days ago
Labels: documentation, enhancement

#1505 - Rewrite all the code to necessary to pull the secrets from AKV

Issue - State: open - Opened by james-garriss 30 days ago
Labels: documentation, infrastructure

#1504 - Clean up GitHub secrets

Issue - State: open - Opened by james-garriss 30 days ago
Labels: enhancement, infrastructure

#1503 - Create a new PSGallery API key before it expires

Issue - State: open - Opened by james-garriss 30 days ago - 1 comment
Labels: enhancement, infrastructure

#1502 - Create a distinct SP for KV access to enforce least priv.

Issue - State: open - Opened by james-garriss 30 days ago
Labels: enhancement

#1501 - Enforce least priv with the SP that uses KV

Issue - State: open - Opened by james-garriss 30 days ago
Labels: enhancement

#1500 - In certificate based app only authentication exo module is throwing an exception

Issue - State: closed - Opened by slavag about 1 month ago - 2 comments
Labels: public-reported

#1499 - Update Azure Sign Tool to version 6.0.0

Issue - State: open - Opened by james-garriss about 1 month ago
Labels: documentation, enhancement, Testing

#1498 - Several policies are marked and counted as grey and manual checks when results are "N/A" and marked with a criticality of "Not-implemented" due to specific conditions

Issue - State: open - Opened by ahuynhMITRE about 1 month ago - 2 comments
Labels: bug

GitHub / cisagov/ScubaGear issues and pull requests