In 2023 the Cybersecurity and Infrastructure Security Agency (CISA[.]gov) introduced their Secure Cloud Business Applications (SCuBA) project with two sub-projects: SCuBA Gear for M365 and SCuBA Goggles for Google Workspace.
These secure configuration baselines (SCBs) for Microsoft 365 (M365) and Google Workspace (GWS) provide easily adoptable recommendations that complement an organization’s unique requirements and risk tolerance levels. The baselines include automation features to help federal agencies, businesses and organizations rapidly assess their M365 and GWS services.
ScubaGear is a no-cost assessment tool that verifies M365 tenant configuration alignment to the policies described in SCuBA’s secure configuration baselines. CISA has made this tool and the baselines available to all agencies and private sector organizations seeking security improvements. Visit CISA’s GitHub and PowerShell Gallery to view the M365 baselines and download the ScubaGear assessment tool.
ScubaGoggles is a no-cost assessment tool that verifies a GWS organization’s configuration conforms to the policies in SCuBA’s secure configuration baselines. ScubaGoggles provides a breakdown of security vulnerabilities in GWS, allowing organizations to see where changes should be made to their configuration. CISA has made this tool and the baselines available to all agencies and private sector organizations seeking security improvements. Visit CISA’s GitHub or Python Package Index page to view the GWS baselines and download the ScubaGoggles assessment tool.
Source: CISA[.]gov: https://www.cisa.gov/resources-tools/services/secure-cloud-business-applications-scuba-project
These secure configuration baselines (SCBs) for Microsoft 365 (M365) and Google Workspace (GWS) provide easily adoptable recommendations that complement an organization’s unique requirements and risk tolerance levels. The baselines include automation features to help federal agencies, businesses and organizations rapidly assess their M365 and GWS services.
ScubaGear is a no-cost assessment tool that verifies M365 tenant configuration alignment to the policies described in SCuBA’s secure configuration baselines. CISA has made this tool and the baselines available to all agencies and private sector organizations seeking security improvements. Visit CISA’s GitHub and PowerShell Gallery to view the M365 baselines and download the ScubaGear assessment tool.
ScubaGoggles is a no-cost assessment tool that verifies a GWS organization’s configuration conforms to the policies in SCuBA’s secure configuration baselines. ScubaGoggles provides a breakdown of security vulnerabilities in GWS, allowing organizations to see where changes should be made to their configuration. CISA has made this tool and the baselines available to all agencies and private sector organizations seeking security improvements. Visit CISA’s GitHub or Python Package Index page to view the GWS baselines and download the ScubaGoggles assessment tool.
Source: CISA[.]gov: https://www.cisa.gov/resources-tools/services/secure-cloud-business-applications-scuba-project
RSS Feed