ScubaGear Logo

ScubaGear

0
Free
Visit Website

ScubaGear is an assessment tool designed to verify the configuration of Microsoft 365 (M365) tenants against the Secure Cloud Business Applications (SCuBA) Security Configuration Baseline documents. The tool operates in three main steps: 1. It uses PowerShell to query M365 APIs for various configuration settings. 2. It employs Open Policy Agent (OPA) to compare these settings against Rego security policies based on the baseline documents. 3. It generates reports in HTML, JSON, and CSV formats to present the results of the comparison. ScubaGear is primarily intended for M365 administrators who want to assess their tenant environments against CISA Secure Configuration Baselines. It can be installed from PSGallery and requires certain dependencies and permissions to function correctly. The tool supports assessment of multiple M365 products and can be run with specific parameters or using a configuration file. It also includes features for troubleshooting common issues related to multiple tenants, Defender, Exchange Online, Power Platform, Microsoft Graph, and proxy configurations.

FEATURES

ALTERNATIVES

Export Kubernetes events for observability and alerting purposes with flexible routing options.

Azucar is a multi-threaded plugin-based tool for assessing Azure Cloud security.

Ice provides a birds-eye view of cloud resources and usage patterns in AWS.

A CLI tool to simplify the use of AWS Systems Manager Session Manager

A Terraform module to set up a secure AWS account configuration baseline

A small project for continuous auditing of internet-facing AWS services

minikube implements a local Kubernetes cluster for easy application development and supports various Kubernetes features.

A security tool that monitors AWS objects for ownership attribution, detects domain hijacking, and verifies security services.