ScubaGear Logo

ScubaGear

0
Free
Visit Website

ScubaGear is an assessment tool designed to verify the configuration of Microsoft 365 (M365) tenants against the Secure Cloud Business Applications (SCuBA) Security Configuration Baseline documents. The tool operates in three main steps: 1. It uses PowerShell to query M365 APIs for various configuration settings. 2. It employs Open Policy Agent (OPA) to compare these settings against Rego security policies based on the baseline documents. 3. It generates reports in HTML, JSON, and CSV formats to present the results of the comparison. ScubaGear is primarily intended for M365 administrators who want to assess their tenant environments against CISA Secure Configuration Baselines. It can be installed from PSGallery and requires certain dependencies and permissions to function correctly. The tool supports assessment of multiple M365 products and can be run with specific parameters or using a configuration file. It also includes features for troubleshooting common issues related to multiple tenants, Defender, Exchange Online, Power Platform, Microsoft Graph, and proxy configurations.

FEATURES

ALTERNATIVES

A script and library for identifying risks in AWS IAM configuration

An AWS Lambda auditing tool that provides asset visibility and actionable results through statistical analysis and security checks.

A CLI utility that makes it easier to switch between different AWS roles

A customized AWS EKS setup for PCI-DSS, SOC2, and HIPAA compliance

A Python script to test the security of AWS S3 buckets

Converts the format of various S3 buckets for bug bounty and security testing.

A detection-as-code platform for streamlining cloud security operations and responding to security incidents.

A small project for continuous auditing of internet-facing AWS services