Cisa scuba tool. Development and Feedback .

Cisa scuba tool The RFC period is open until Nov. Mandatory Policies by June 20, 2025: Mar 12, 2024 · HISG is the latest resource released by CISA’s SCuBA project. Deploy SCuBA assessment tools by April 25, 2025. Jan 9, 2024 · SCuBAGear Tool: Functionality: SCuBAGear is an assessment tool that evaluates the alignment of an organization’s M365 configurations with CISA’s security baselines. Nov 28, 2022 · CISA has provided a tool on GitHub called SCuBA gear, which performs automatic evidence collection of where a M365 tenant matches up against the recommended baselines. Dec 21, 2023 · In support of our pilot efforts, CISA also released our assessment tool, ScubaGear, to help organizations rapidly assess their M365 services against CISA’s recommended policies. . ScubaGear is an assessment tool that verifies that a Microsoft 365 (M365) tenant’s configuration conforms to the policies described in the Secure Cloud Business Applications Secure Configuration Baseline documents. ” Simply put: basic cybersecurity hygiene. Development and Feedback . dhs. cisa. Developed by CISA, SCuBAGear is an automated assessment tool crafted to evaluate the status of organizations’ M365 cloud services in alignment with CISA’s recommended baselines. Dec 17, 2024 · BOD 25-01 requires FCEB agencies to deploy CISA-developed automated configuration assessment tools (ScubaGear for Microsoft 365 audits), integrate with the cybersecurity agency's continuous Jun 27, 2023 · CISA has released several documents as part of the Secure Cloud Business Applications (SCuBA) project: The Technical Reference Architecture (TRA) document, previously released for public comment on April 19, 2022, is the final version of a security guide that agencies can use to adopt technology for cloud deployment, adaptable solutions, secure architecture, and zero trust frameworks. In fact, downloads significantly increased with the recent release of ScubaGear version 1. CISA’s Secure Cloud Business Applications (SCuBA) project outlines specific configuration baselines to map Microsoft 365 settings. CONTACT US To receive additional information and demonstrations, or federal agencies that have inquiries, please contact . CISA created baselines tailored to the federal government’s threats and risk tolerance with the knowledge that every Following the release of CISA’s Binding Operational Directive (BOD) 25-01: Implementing Secure Practices for Cloud Services on Dec. the Secure Cloud Business Applications (SCuBA) project to help federal civilian executive branch agencies protect federal information created, accessed, shared, and stored in their cloud environments, including through hardened Mar 27, 2025 · The CISA SCuBA SCBs for M365 help secure federal information assets stored within M365 cloud business application environments through consistent, effective, and manageable security configurations. CyberSharedServices@cisa. Technical Reference Architecture (PDF) Jun 27, 2023 · The TRA document is the “foundational” document for the SCuBA program, Poland said, and one of the major tweaks CISA made to the finalized guidance is aligning the architecture to zero trust principles, as well as the federal zero trust strategy and CISA’s zero trust maturity model. Mar 20, 2024 · Experts from CISA, Microsoft and Mitre will provide workshop attendees insight into the final version of CISA’s soon-to-be-released Microsoft 365 (M365) security configuration baselines (SCBs) and the latest version of ScubaGear, an automation tool that compares M365 tenant configurations against CISA’s recommended SCBs. Within this guidance they cover the M365 and Google Workspace stacks, and they have also released the ScubaGear tool, which you can find here, cisagov/ScubaGear: Automation to assess the state of your M365 tenant against News: CISA’s ScubaGear Tool Improves Security for Organizations Using M365 and Surpasses 30,000 Downloads. In this video, I show you how to run the Secure Cloud Business Applications (SCuBA) gear tool created by CISA. Dec 17, 2024 · For questions about the SCuBA program, Secure Configuration Baselines, the assessment and tools, managing inventory or uploading SCuBA files to CyberScope, integrating SCuBA results to CLAW Azure TALONs, and/or viewing SCuBA results in CDM, contact the SCuBA team at scuba@mail. Apr 19, 2022 · The deadline for providing comment on the CISA SCuBA technical reference documents is May 19, 2022, and comments should be submitted to: QSMO@CISA. You learned how to check the Microsoft 365 security recommendations with the CISA SCuBA PowerShell The CISA SCuBA SCBs for M365 help secure federal information assets stored within M365 cloud business application environments through consistent, effective, and manageable security configurations. Secure Cloud Business Applications (SCuBA) by CISA will help ensure SCuBA products and offerings are developed with input from diverse sources. gov/news-events/news/scuba-dives-deeper-help-federal-agencies-secure-their-cloud-environments-publishes-security. gov/SCuBA and CISA's SCuBA GitHub page for more information and to review the baselines. Dec 17, 2024 · Today, CISA issued Binding Operational Directive (BOD) 25-01, Implementing Secure Practices for Cloud Services to safeguard federal information and information systems. Enhancements: The tool now features increased automation, streamlining the assessment process and reducing the effort required by organizations. This is to support running the tool in a pipeline or scheduled job. Second – Open a browser and login into it using the newly created Global Administrator Account Added non-interactive authentication mode using an Azure AD application service principal. The project was designed with a comprehensive, threat-informed methodology to identify cloud visibility coverage gaps and requirements. Dec 17, 2024 · The order requires agencies to comply with measures set under CISA’s Secure Cloud Business Applications — or SCuBA — project, which helps guide civilian agencies on protecting their cloud The CISA SCuBA SCBs for M365 help secure federal information assets stored within M365 cloud business application environments through consistent, effective, and manageable security configurations. Applying SCuBA security solutions to a wide range of agencies will require building on existing SCuBA will enhance the security of FCEB cloud business application environments through additional configurations, settings and security products. This framework will be used to audit if each application meets the secure baseline standard required. ; Step Two - It then calls Open Policy Agent (OPA) to compare these settings against Rego security policies written per the baseline documents. 2. Visit CISA’s SCuBA project page for more information. In this article, I am going to show you how to run the tool and introduce you to a fork I created which additionally maps these recommendations to the CIS Controls. Dec 17, 2024 · Manually report the results of the most recent SCuBA assessment tool version to CISA quarterly in a CISA approved, machine-readable format, following CISA reporting instructions. This tool allows you to run a security assessm CISA Cloud Security and SCuBA Baselines: CISA will first gather and assess feedback and lessons learned from implementation within its own divisions before deploying baselines that respond to increasingly complex mission needs. Secure Cloud Business Applications (SCuBA) is CISA’s response to the Solar Winds incident of 2020. Through ongoing dialogue and collaboration with industry and government stakeholders, CISA developed initial guidance documents as a part of the SCuBA project, which aims to help agencies adopt necessary Dec 17, 2024 · Deploy SCuBA Tools: By April 25, 2025, all federal cloud tenants must implement SCuBA tools for monitoring and auditing. SCuBA (Secure Cloud Business Applications) is CISA's homegrown suite of assessment tools targeted specifically at major cloud environments—starting with Microsoft 365. As the SCuBA project progresses, CISA will determine potential candidate cybersecurity shared service offering(s) in support of secure cloud business applications. These baselines were developed with flexibility in mind to keep pace with evolving technologies and CISA Cloud Security and SCuBA Baselines: CISA will first gather and assess feedback and lessons learned from implementation within its own divisions before deploying baselines that respond to increasingly complex mission needs. In accordance with Executive Order 14028, CISA’s SCuBA project aims to develop consistent, effective, modern, and manageable security that will help secure organizations’ information assets stored within cloud environments. SCuBA’s guidance aims to protect information that organizations create, access, share, or store in cloud environments. We look forward to receiving and reviewing your feedback on this important effort to improve federal cloud cybersecurity. Secure Cloud Business Applications (SCuBA) Technical Reference Architecture (TRA) CISA Finalizes Microsoft 365 Secure Configuration Baselines. This tool decreases the effort required for agencies (or any organization) to assess their tenant configurations by producing a detailed as-is report to serve as a • The Cybersecurity Evaluation Tool (CSET) (CISA) • SCuBAGear (CISA) • The Untitled Goose Tool (CISA) • Decider (CISA) • Memory Forensic on Cloud (JPCERT/CC) Note: These open-source tools are highlighted and explained to assist with on-site investigation and remediation in cloud environments but are not all-encompassing. I received this from CERT yesterday: Visit CISA. It uses PowerShell to query M365 APIs for various configuration settings. Applying SCuBA security solutions to a wide range of agencies will require building on existing technologies and ScubaGear is an assessment tool designed to verify the configuration of Microsoft 365 (M365) tenants against the Secure Cloud Business Applications (SCuBA) Security Configuration Baseline documents. CISA created baselines tailored to the federal government’s threats and risk tolerance with the knowledge that every organization has different 2. See the README sections that reference service principals, including the new -CertificateThumbprint parameter for Invoke-SCuBA. ScubaGear uses a three-step process: Step One - PowerShell code queries M365 APIs for various configuration settings. HOW MUCH WILL SCUBA COST AGENCIES? The SCuBA TRA accomplishes this objective through the following ite rative approaches: • Building on Existing Knowledge: CISA will build on the current knowledge of CSP and SaaS offerings to provide guidance based on understanding threats and related efforts. Oct 20, 2022 · In addition to encouraging FCEB agencies to pilot the recommended baselines and provide feedback, CISA is also requesting public comment on the eight M365 security configuration baseline documents located on Github and cisa. gov or visit Secure Cloud Business Applications (SCuBA) Project | CISA. TLP:CLEAR CISA Nov 22, 2022 · The CISA Secure Cloud Business Applications or SCUBA assessment tool is a great process you can build into your corporate playbook as a part of your ongoing cyber security posture programme, alongside the “feed and watering” activities to continue to improve organisational security posture. Oct 26, 2022 · CISA recently released baseline guidance for cloud application security, dubbed SCuBA, or Secure Cloud Business Applications. 17, 2024, which requires Federal Civilian Executive Branch (FCEB) agencies to deploy SCuBA assessment tools for in-scope cloud tenants no later than Friday, April 25, 2025 and begin continuous reporting, agencies can use ScubaConnect to ensure their cloud Dec 18, 2024 · Automated Assessment: The SCuBA tool automates the process of checking M365 tenant configurations against CISA’s Secure Configuration Baselines. Organizations are urged to review these baselines and utilize the SCuBAGear tool. CISA created baselines tailored to the federal government’s threats and risk tolerance with the knowledge that every organization has different WHEN WILL CISA LAUNCH SCUBA? CISA will launch a test pilot in FY23 to examine product-specific security baselines implementation for M365. gov. Nov 18, 2024 · ScubaGear is an open-source tool the Cybersecurity and Infrastructure Security Agency (CISA) created to automatically evaluate Microsoft 365 (M365) configurations for potential security gaps. May 17, 2023 · Quick How-To on installing and running the app. CISA created baselines tailored to the federal government’s threats and risk tolerance with the knowledge that every organization has different Redirecting to https://www. CISA established the SCuBA project in 2022 to address cybersecurity and visibility gaps exposed by software-as-a-service (SaaS) cyber intrusions and compromises. As of April 2024 . “This is really a recognition of the fact that the SCuBA program has matured significantly over the last couple of years,” Hartman Mar 9, 2024 · Tools You Should Know: ScubaGear Developed by CISA, ScubaGear is an assessment tool that verifies a Microsoft 365 (M365) tenant’s configuration conforms to the policies described in the Secure Cloud Business Applications (SCuBA) Security Configuration Baseline documents. For more information, read CISA’s blog and contact CISA’s Cybersecurity Shared Services Office for additional support. Developed by CISA, ScubaGoggles is an assessment tool that verifies a Google Workspace (GWS) organization's configuration conforms to the policies described in the Secure Cloud Business Applications Secure Configuration Baseline documents. Mar 12, 2024 · The Cybersecurity and Infrastructure Security Agency (CISA) developed this Hybrid Identity Solutions Guidance to help readers better understand identity management capabilities, the tradeoffs that exist in various implementation options, and factors that should be considered when making implementation decisions. The draft baselines offer minimum viable security configurations for nine GWS services: Groups for Business, Google Calendar, Google Common Controls Dec 17, 2024 · Before Tuesday’s directive, the SCuBA baselines had been voluntary for agencies. That’s it! Read more: Office 365 Recommended Configuration Analyzer » Conclusion. CISA will collaborate with the CSPs to improve SaaS offerings and how these Dec 18, 2024 · BOD 25-01 requires federal agencies to implement future updates to mandatory SCuBA policies, in line with timetables published on the required configurations website, to monitor for new cloud tenants after implementing the mandatory baselines, and to “identify and explain deviations in the output of the SCuBA assessment tools when reported to CISA”. However, over the last two years, CISA worked with 13 agencies to test and refine the baselines and associated assessment tools. The CISA SCuBA SCBs for M365 help secure federal information assets stored within M365 cloud business application environments through consistent, effective, and manageable security configurations. Hey all, There has been lots of buzz around the new M365 security assessment tool that CISA came out with called SCuBA. I made… Jul 10, 2023 · The Secure Cloud Business Applications (SCuBA) project, run by the Cybersecurity and Infrastructure Security Agency (CISA), provides guidance and capabilities to secure federal civilian executive branch (FCEB) agencies’ cloud business application environments and protect federal information that is created, accessed, shared, and stored in Dec 12, 2023 · Today, CISA released the draft Secure Cloud Business Applications (SCuBA) Google Workspace (GWS) Secure Configuration Baselines and the associated assessment tool ScubaGoggles for public comment. The tool operates in three main steps: 1. • The Cybersecurity Evaluation Tool (CSET) (CISA) • SCuBAGear (CISA) • The Untitled Goose Tool (CISA) • Decider (CISA) • Memory Forensic on Cloud (JPCERT/CC) Note: These open-source tools are highlighted and explained to assist with on-site investigation and remediation in cloud environments but are not all-encompassing. SCuBA Security Configuration Baselines and assessment tool for Google Workspace - GitHub - techfuzz/CISA-ScubaGoggles: SCuBA Security Configuration Baselines and assessment tool for Google Workspace Dec 19, 2024 · Deploy all SCuBA assessment tools for in-scope cloud tenants no later than April 25, 2025, and either integrate the tool results feeds with CISA's continuous monitoring infrastructure or report them manually on a quarterly basis ; Implement all mandatory SCuBA policies no later than June 20, 2025 Dec 22, 2023 · This release also includes an updated tool called SCuBAGear (Secure Cloud Business Applications Gear). These CISA-provided resources are designed to address many of the challenges agencies face in implementing and maintaining secure cloud environments. Disconnect from all the Microsoft sessions after you finish, or if you want to run it against another tenant. CISA is specifically requesting insight on the feasibility, clarity, and usefulness of the baselines. Although BOD 25-01 only requires action by Federal Civilian Executive Branch agencies, CISA strongly recommends all stakeholders implement these policies and leverage CISA’s SCuBA assessment tool and the information on this page. First – Get Global Administrator permissions to the M365 Tenant. Oct 23, 2024 · Secure your Microsoft 365 cloud with CISA's ScubaGear, a tool for enhancing security posture and preventing threats. Nov 27, 2024 · Disconnect SCuBA session. Disconnect-SCuBATenant. 24, 2022. CISA created baselines tailored to the federal government’s threats and risk tolerance with the knowledge that every organization has different The tool is currently in the Request For Comments phase. The SCuBA tools offer a standardized approach to assessing and securing cloud environments, which could significantly streamline processes for Dec 17, 2024 · CISA’s Binding Operational Directive (BOD) 25-01 instructs agencies to identify all of its cloud instances and implement assessment tools, while also making sure that their cloud environments are aligned with the cyber agency’s Secure Cloud Business Applications (SCuBA) configuration baselines. 0 Dec 21, 2023 · CISA thanks all whose input took this guidance from a series of best practices to actionable policies and made the SCuBAGear tool easier to use. The SCuBA project currently provides secure configuration baselines for Microsoft 365 and Google Workspace. Implement all mandatory SCuBA policies effective as of this Directive’s issuance, as set forth in the CISA-managed Binding Operational Directive 25-01 Required CISA has released this tool on Oct 26 2022, it's great way to quickly check your tenant's security baseline. CISA created baselines tailored to the federal government’s threats and risk tolerance with the knowledge that every organization has different May 30, 2025 · At the heart of BOD 25-01 are the SCuBA tools. This Directive requires federal civilian agencies to identify specific cloud tenants, implement assessment tools, and align cloud environments to CISA’s Secure Cloud Business Applications (SCuBA) secure configuration basel Apr 23, 2025 · SCuBA’s directive states, “through the SCuBA project, CISA developed Secure Configuration Baselines, providing consistent and manageable cloud security configurations. Nov 13, 2024 · ScubaGear, a tool developed by the Cybersecurity and Infrastructure Security Agency (CISA) to automatically assess Microsoft 365 (M365) configurations for security gaps, hit a major milestone: more than 30,000 downloads since its debut in October 2022. 3. CISA Director Jen Easterly said in a statement Apr 22, 2025 · With this goal in mind, the Cybersecurity and Infrastructure Security Agency (CISA) created the Secure Cloud Business Applications (SCuBA) project. Mar 1, 2024 · Introduction So what is CISA ScubaGear? Well, it isn't something to help you scuba dive! But it is another excellent opensource tool that you can add to your belt if you are interested in knowing how "secure" your M365 tenant is: GitHub - cisagov/ScubaGear: Automation to assess the state Dec 20, 2023 · The CISA SCuBA SCBs for M365 help secure federal information assets stored within M365 cloud business application environments through consistent, effective, and manageable security configurations. 76 votes, 13 comments. Multi-Product Coverage: The tool can assess various M365 products, including Azure Active Directory, Exchange Online, OneDrive for Business, SharePoint Online, and Teams. SCuBA provides guidance and capabilities for securing cloud business application environments. Secure Cloud Business Applications (SCuBA) Project. gov/scuba. hrjh soekmzd jrhwm liecs sjr dzvz xfdim wpouc vasy ajab