v0.3.0

@github-actions github-actions released this 24 Mar 20:23
· 318 commits to main since this release
1d5201f

Major Changes

  • Added non-interactive authentication mode using an Azure AD application service principal. This is to support running the tool in a pipeline or scheduled job. See the README sections that reference service principals, including the new -CertificateThumbprint parameter for Invoke-SCuBA.
  • Added Azure AD conditional access policies to the HTML report, which makes it easier to view all of your policies in a single interface. See the example file /sample-report/IndividualReports/AADReport.html to see what it looks like.
  • The Azure AD configuration export provider was updated to improve its execution speed.
  • The report now contains a button to enable Dark Mode - enjoy 😃.
  • Improved overall error handling to provide a more stable tool with predictable results during error conditions.
  • The Open Policy Agent (OPA) executable was decoupled from the repository. Users can reference their own version or simply run Setup.ps1 to have it automatically download the required version from the OPA website.
  • New -ConfigFilePath parameter for Invoke-SCuBA allows the user to specify a custom configuration file in YAML or JSON format. Currently the config file supports user-defined values for the standard Invoke-SCuBA parameters defined in the README file (e.g., ProductNames). See /sample-config-files/sample-config.yaml for an example.
  • Added the ability to configure a set of Users and Groups that are excluded from the Azure AD conditional access policy checks. This is so that known organizational exception cases are not flagged as Fail in the report. See the CapExclusions section in /sample-config-files/aad-config.yaml for an example.
  • ScubaGear code files are now signed, which makes it easier to run on more Windows environments without warnings or execution prevention errors. See the PowerShell Execution Policies section in the README for details.
  • For Exchange Online, added retry logic to DNS lookups that retries against a public resolver. This addresses problems seen with certain split DNS configurations.
  • See full list of 17 enhancements here.

Bugs Fixed

  • Corrected erroneous Defender GCCHigh and DOD endpoints (#144)
  • Added filter to only check EXO transport rules that are enabled and enforced (#130)
  • Explicitly set file encoding to UTF-8 (#20)
  • Prevented empty cmdlet responses from producing invalid JSON results (#19)
  • 21 additional bugs fixed. See full list here.

Documentation

  • Added examples to the README which show how to run ScubaGear non-interactively.
  • Added a sample-config-files folder to the repository that contains sample user-defined configuration files.
  • Updated the sample-report folder based on the new version's results.

Baselines

  • No changes. A new version of the security baseline documents is being updated and will be published in a future release.