Skip to content

v1.4.0

Latest
Latest
Compare
Choose a tag to compare
@github-actions github-actions released this 26 Nov 20:49
v1.4.0
ffae2e1

Major Changes

  • Support policy check toggling via config file #1200
    See configuration file documentation about omitting policies for further details.
  • Make ScubaResults.json the default result output #1316
    See documentation for -KeepIndividualJSON parameter to revert to previous version behavior.
  • Improve AAD assessment check performance #1196
  • Modify MS.AAD.6.1v1 to account for federated domains #1185
  • Remove deprecated MS.SHAREPOINT.4.1v1 policy, references, and assessment checks #1244
  • Change MS.SHAREPOINT.1.4v1 check to not-implemented due to deprecated field #1270
  • Add policy check for MS.SHAREPOINT.3.2v1 when using service principal and update MS.SHAREPOINT.4.2v1 check for deprecation #1309
  • Add assessment check for MS.DEFENDER.6.2v1 #1241
  • Add policy check for MS.AAD.3.7v1 to support exclusions #1190
  • Realign MS.EXO.2.1v1 and MS.EXO.2.2v2 SPF assessment checks with updated policies #1130
  • Add a backup path to look for the OPA executable in the current directory #1092
  • Enhance CSV output to be consistent with data in HTML reports #1281
  • Bump acceptable OPA version to v0.69.0 and set new accepted minimum to v0.69.0 #1348
  • Add -OutActionPlanFileName for action plan remediation CSV output #1351
  • Add report UUID to the ScubaResults.json filename #1426
  • See full list of enhancements here

Bugs Fixed

  • Correct bug with Connect-IPPSSession error handling #1199
  • Extend Microsoft.Graph.* dependency max version from 2.19.x -> 2.x.x #1122
  • Fix AAD 401 authentication errors against GCC high tenants #1266
  • Fix encoding issue by removing BOM from provider output files #1302
  • Fix AAD provider to handle nested PIM groups and refactor Get-PrivilegedUser #1310
  • Pin PowerApps module dependency to last tested working version #1346
  • Fix broken import path in Initialize-SCuBA #1363
  • See full list of bug fixes here

Baselines

  • Add MITRE ATT&CK Mappings to all M365 secure configuration baselines #1106
  • Change Azure Active Directory namings in baselines to use Entra ID equivalent #1176
  • Remove MS.SHAREPOINT.4.1v1 policy and references #1244
  • Fix circular reference between MS.EXO.16.1v1 and MS.DEFENDER.5.1v1 implementation instructions #1198
  • Revise MS.EXO.2.1v1 and MS.EXO.2.2v2 SPF requirements #1130
  • Decouple the remaining EXO Shall/Should policies #1095
  • Added notes about applicability to MS.TEAMS.2.2v1 and MS.TEAMS.3.1v1 #1219
  • Updated MS.AAD.5.2v1 instructions to match updated UI buttonology #1117
  • Update front matter and specific language in the Defender SCB to clarify licensing information #1398
  • See full list of baseline updates here

Documentation

  • Cleaning up and streamlining example config files #1137
  • Minor documentation fixes and updates #1157
  • Add additional shields.io badges to README #1167
  • See full list of documentation changes here

Full Changelog: v1.3.0...v1.4.0

Assets 3
Loading