ScubaGear – Ensuring Microsoft 365 Security Compliance

ScubaGear is an assessment tool that verifies that a Microsoft 365 (M365) tenant’s configuration conforms to the policies described in the Secure Cloud Business Applications (SCuBA) Security Configuration Baseline documents.

Note: This documentation can be read using GitHub Pages.

Target Audience

ScubaGear is for M365 administrators who want to assess their tenant environments against CISA Secure Configuration Baselines.

Overview

ScubaGear uses a three-step process:

Step One – PowerShell code queries M365 APIs for various configuration settings.
Step Two – It then calls Open Policy Agent (OPA) to compare these settings against Rego security policies written per the baseline documents.
Step Three – Finally, it reports the results of the comparison as HTML, JSON, and CSV.

Getting Started

To install ScubaGear from PSGallery, open a PowerShell 5 terminal on a Windows computer and install the module:

# Install ScubaGear
Install-Module -Name ScubaGear

To install its dependencies:

# Install the minimum required dependencies
Initialize-SCuBA

To verify that it is installed:

# Check the version
Invoke-SCuBA -Version

To run ScubaGear:

# Assess all products
Invoke-SCuBA -ProductNames *

For more information click here.

Varshini

Tamil has a great interest in the fields of Cyber Security, OSINT, and CTF projects. Currently, he is deeply involved in researching and publishing various security tools with Kali Linux Tutorials, which is quite fascinating.