cisagov/ScubaGear issues and pull requests

#1462 - Add high risk application/service principal permissions into ScubaResults.json

Pull Request - State: open - Opened by mitchelbaker-cisa 2 months ago - 11 comments
Labels: enhancement

#1462 - Add high risk application/service principal permissions into ScubaResults.json

Pull Request - State: open - Opened by mitchelbaker-cisa 2 months ago - 15 comments
Labels: enhancement

#1461 - Disable MS.SHAREPOINT.3.2v1 functional tests temporarily

Pull Request - State: closed - Opened by schrolla 2 months ago
Labels: bug, Testing

#1460 - Change tests for MS.AAD.5.4v1 for teams group consent to not-implemented as setting is deprecated

Pull Request - State: closed - Opened by rmoffitt-m 2 months ago - 3 comments
Labels: microsoft roadmap

#1459 - Disable misfiring SharePoint functional tests temporarily

Issue - State: open - Opened by schrolla 2 months ago
Labels: bug, Testing

#1459 - Disable misfiring SharePoint functional tests temporarily

Issue - State: closed - Opened by schrolla 2 months ago
Labels: bug, Testing

#1458 - Add Omitted Rego Evaulation results to the ScubaResults.json

Issue - State: open - Opened by buidav 2 months ago
Labels: enhancement

#1458 - Add Omitted Rego Evaulation results to the ScubaResults.json

Issue - State: open - Opened by buidav 2 months ago
Labels: enhancement

#1457 - Top paragraph of Entra Id report needs to be updated to reflect new user documentation structure

Issue - State: closed - Opened by tkol2022 2 months ago
Labels: documentation, enhancement

#1456 - Configuration file improvements

Issue - State: open - Opened by schrolla 2 months ago
Labels: epic, enhancement

#1455 - Exception: Fatal Error involving the Report Creation

Issue - State: open - Opened by slavag 2 months ago - 3 comments
Labels: public-reported, troubleshooting

#1454 - Workflow pipeline sometimes fails to fail

Issue - State: closed - Opened by james-garriss 2 months ago
Labels: bug

#1453 - Write unit tests for build and sign release

Issue - State: closed - Opened by james-garriss 2 months ago
Labels: enhancement

#1452 - Write unit tests for test OPA

Issue - State: closed - Opened by james-garriss 2 months ago - 1 comment
Labels: enhancement

#1451 - Write unit tests for clear caches

Issue - State: closed - Opened by james-garriss 2 months ago
Labels: enhancement

#1450 - Write unit tests for Invoke PSSA

Pull Request - State: closed - Opened by james-garriss 2 months ago - 2 comments
Labels: enhancement

#1449 - Submit consolidated change document for review and approval (Kraken release)

Issue - State: closed - Opened by schrolla 2 months ago - 1 comment
Labels: epic, baseline-document

#1448 - Add SetAndCheckTenantSetting functional testing utility function

Pull Request - State: open - Opened by schrolla 2 months ago
Labels: enhancement, Testing

#1447 - Remove all instances of policy MS.SHAREPOINT4.2v1 due to Microsoft update to custom scripting settings

Pull Request - State: closed - Opened by ahuynhMITRE 2 months ago - 4 comments
Labels: bug, baseline-document

#1446 - Tweak colors on the reports to comply with 508 standards

Pull Request - State: open - Opened by ehaines1 2 months ago
Labels: enhancement

#1445 - Modify report colors for 508 compliance

Pull Request - State: closed - Opened by ehaines1 3 months ago - 1 comment
Labels: enhancement

#1444 - change baseline .md's to use reference links (#494)

Pull Request - State: open - Opened by boring-jpg 3 months ago - 3 comments
Labels: public-reported

#1443 - Document ability to add organizational metadata and complying with SCuBA policy checks via configuration file

Pull Request - State: closed - Opened by buidav 3 months ago - 2 comments
Labels: documentation

#1442 - Fatal Error involving the Report Creation.

Issue - State: closed - Opened by Zyad-Khan 3 months ago - 3 comments
Labels: public-reported

#1441 - Cannot retrieve the dynamic parameters for the cmdlet. The term 'IsCloudShellEnvironment' is not recognized

Issue - State: closed - Opened by hkelley 3 months ago - 2 comments
Labels: public-reported

#1441 - Cannot retrieve the dynamic parameters for the cmdlet. The term 'IsCloudShellEnvironment' is not recognized

Issue - State: closed - Opened by hkelley 3 months ago - 2 comments
Labels: public-reported

#1440 - Update SCB acronym to read as "Secure Configuration Baseline" throughout repo

Pull Request - State: closed - Opened by ahuynhMITRE 3 months ago - 1 comment
Labels: documentation, baseline-document

#1439 - Clarify License Requirements in assumptions.md

Pull Request - State: closed - Opened by adhilto 3 months ago - 3 comments
Labels: documentation

#1438 - Deprecate the -KeepIndividualJSON parameter

Issue - State: open - Opened by buidav 3 months ago
Labels: breaking change, enhancement

#1437 - Validate the parameters passed into the Scuba config file

Issue - State: open - Opened by buidav 3 months ago
Labels: bug

#1436 - AccessDenied executing Get-MgBetaIdentityConditionalAccessPolicy

Issue - State: closed - Opened by sam-i-am-clark 3 months ago - 2 comments
Labels: public-reported

#1435 - Convert baseline markdown files to text and HTML

Pull Request - State: closed - Opened by james-garriss 3 months ago - 2 comments
Labels: enhancement

#1434 - Link in the sample-report broken

Issue - State: closed - Opened by elysiumsecurityltd 3 months ago - 5 comments
Labels: public-reported

#1433 - Conduct hands-on examination of organization and user level audit settings for Exchange Online mailboxes

Issue - State: open - Opened by tkol2022 3 months ago
Labels: hands-on-prototyping

#1432 - Update SCB acronym to be synonymous with "Secure Configuration Baseline" for consistency

Issue - State: closed - Opened by ahuynhMITRE 3 months ago
Labels: documentation, baseline-document

#1431 - Update AAD.3.1v1 to include device-bound passkeys language and resource to AAD.3.1

Pull Request - State: closed - Opened by ahuynhMITRE 3 months ago - 1 comment
Labels: baseline-document

#1430 - Convert workflow testing code to functions

Pull Request - State: closed - Opened by james-garriss 3 months ago - 3 comments
Labels: enhancement

#1429 - Modify workflow code to use functions instead of modules

Issue - State: closed - Opened by james-garriss 3 months ago
Labels: enhancement

#1428 - Update schedule for functional test workflow

Pull Request - State: closed - Opened by james-garriss 3 months ago - 1 comment
Labels: enhancement

#1427 - Modify functional test schedule to run on Thursday night

Issue - State: closed - Opened by james-garriss 3 months ago
Labels: enhancement

#1426 - Add the report UUID to the ScubaResults.json filename

Pull Request - State: closed - Opened by adhilto 3 months ago - 26 comments
Labels: enhancement

#1425 - Update Config file documentation and document ability to add organizational metadata to the config file

Issue - State: closed - Opened by buidav 3 months ago
Labels: enhancement

#1425 - Update Config file documentation and document ability to add organizational metadata to the config file

Issue - State: open - Opened by buidav 3 months ago
Labels: enhancement

#1424 - Added version update notification

Pull Request - State: open - Opened by twneale 3 months ago
Labels: enhancement

#1424 - Added version update notification

Pull Request - State: closed - Opened by twneale 3 months ago - 6 comments
Labels: enhancement

#1423 - Add service principal setup to functional testing documentation

Pull Request - State: closed - Opened by ehaines1 3 months ago
Labels: documentation, enhancement

#1422 - Append UUID to ScubaResults.json by default

Issue - State: closed - Opened by buidav 3 months ago
Labels: enhancement

#1422 - Append UUID to ScubaResults.json by default

Issue - State: closed - Opened by buidav 3 months ago
Labels: enhancement

#1421 - Certificate error due to broken url

Issue - State: open - Opened by ahuynhMITRE 3 months ago - 2 comments
Labels: documentation

#1420 - Proposal: Create a new EXO policy to check for users with Default or Anonymous mailbox folder permissions

Issue - State: open - Opened by tkol2022 3 months ago - 1 comment
Labels: enhancement, baseline-document

#1420 - Proposal: Create a new EXO policy to check for users with Default or Anonymous mailbox folder permissions

Issue - State: open - Opened by tkol2022 3 months ago
Labels: enhancement, baseline-document

#1419 - Proposal: Create a new EXO policy to check for users and groups that hold the ApplicationImpersonation role

Issue - State: open - Opened by tkol2022 3 months ago - 1 comment
Labels: enhancement, baseline-document

#1419 - Proposal: Create a new EXO policy to check for users and groups that hold the ApplicationImpersonation role

Issue - State: open - Opened by tkol2022 3 months ago - 1 comment
Labels: enhancement, baseline-document

#1418 - Proposal: Create a new Defender policy to disable PowerShell access to inboxes from non-administrative users

Issue - State: open - Opened by tkol2022 3 months ago
Labels: enhancement, baseline-document, hands-on-prototyping, analysis-required

#1418 - Proposal: Create a new Defender policy to disable PowerShell access to inboxes from non-administrative users

Issue - State: open - Opened by tkol2022 3 months ago
Labels: enhancement, baseline-document, hands-on-prototyping

#1417 - Proposal: Create a new Defender policy to check for users with their mailbox audit logging bypassed

Issue - State: open - Opened by tkol2022 3 months ago - 1 comment
Labels: enhancement, baseline-document, hands-on-prototyping

#1417 - Proposal: Create a new Defender policy to check for users with their mailbox audit logging bypassed

Issue - State: open - Opened by tkol2022 3 months ago - 1 comment
Labels: enhancement, baseline-document, hands-on-prototyping

#1416 - Policy question: Does Defender policy 6.2 need updates since Microsoft changed their default logging events for standard license holders?

Issue - State: open - Opened by tkol2022 3 months ago - 1 comment
Labels: enhancement, baseline-document, hands-on-prototyping

#1416 - Policy question: Does Defender policy 6.2 need updates since Microsoft changed their default logging events for standard license holders?

Issue - State: open - Opened by tkol2022 3 months ago - 1 comment
Labels: enhancement, baseline-document, hands-on-prototyping

#1415 - Proposal: change name of Defender 6.1 policy to more accurately reflect which configuration ScubaGear actually checks

Issue - State: open - Opened by tkol2022 3 months ago
Labels: enhancement, baseline-document

#1415 - Proposal: change name of Defender 6.1 policy to more accurately reflect which configuration ScubaGear actually checks

Issue - State: open - Opened by tkol2022 3 months ago - 1 comment
Labels: enhancement, baseline-document

#1414 - Could not connect to SharePoint Online: Legacy Auth blocked by ADFS Claim rule

Issue - State: open - Opened by buidav 3 months ago
Labels: bug

#1414 - Could not connect to SharePoint Online: Legacy Auth blocked by ADFS Claim rule

Issue - State: open - Opened by buidav 3 months ago
Labels: bug

#1413 - Update incorrect hyperlinks in SCB markdown

Pull Request - State: closed - Opened by ahuynhMITRE 3 months ago - 3 comments
Labels: baseline-document

#1413 - Update incorrect hyperlinks in SCB markdown

Pull Request - State: closed - Opened by ahuynhMITRE 3 months ago - 3 comments
Labels: baseline-document

#1412 - Correct omission in documentation about importing module when downloading from GitHub

Pull Request - State: closed - Opened by james-garriss 3 months ago - 1 comment
Labels: documentation

#1411 - Download documentation omits importing the module

Issue - State: closed - Opened by james-garriss 3 months ago
Labels: documentation

#1410 - Remove policy MS.SHAREPOINT4.2v1 due to Microsoft update to custom scripting settings

Pull Request - State: closed - Opened by ahuynhMITRE 3 months ago - 2 comments
Labels: baseline-document

#1409 - Update Microsoft.PowerApps.Administration.PowerShell to v2.0.200

Issue - State: closed - Opened by schrolla 3 months ago - 1 comment
Labels: upstream update

#1409 - Update Microsoft.PowerApps.Administration.PowerShell to v2.0.200

Issue - State: open - Opened by schrolla 3 months ago - 1 comment
Labels: upstream update

#1408 - Remove extraneous SHALL from MS.DEFENDER.4.1

Pull Request - State: open - Opened by schrolla 3 months ago
Labels: bug, baseline-document

#1408 - Remove extraneous SHALL from MS.DEFENDER.4.1

Pull Request - State: closed - Opened by schrolla 3 months ago - 2 comments
Labels: bug, baseline-document

#1407 - sharepoint will be omitted from the output because of failed authentication

Issue - State: open - Opened by lexpr0 3 months ago - 10 comments
Labels: bug, public-reported

#1407 - sharepoint will be omitted from the output because of failed authentication

Issue - State: open - Opened by lexpr0 3 months ago - 11 comments
Labels: bug, public-reported

#1406 - improve performance of Defender query to count users without advanced auditing

Pull Request - State: closed - Opened by tkol2022 3 months ago - 2 comments
Labels: bug

#1405 - Failed to execute in Azure B2C

Issue - State: open - Opened by sotodan 3 months ago - 4 comments
Labels: public-reported

#1405 - Failed to execute in Azure B2C

Issue - State: open - Opened by sotodan 3 months ago - 5 comments
Labels: public-reported

#1404 - Defender export provider inadvertently downloads user data when retrieving a count of users without advanced auditing

Issue - State: closed - Opened by tkol2022 3 months ago - 6 comments
Labels: bug

GitHub / cisagov/ScubaGear issues and pull requests