Scuba azure. Visit CISA’s SCuBA project page for more information.
Scuba azure This Secure Configuration Baseline (SCB) provides specific policies to help secure Azure AD. Although its primary goal is to help secure Federal Civilian Executive Branch (FCEB) information in cloud environments, all organizations can use SCuBA to strengthen SaaS security. These baselines will kick off a series of pilot efforts to advance cloud security practices across the FCEB and more effectively safeguard sensitive information and government services. HOW MUCH WILL SCUBA COST AGENCIES? SCuBA guidance and consultation surrounding implementation for the pilots is available at no cost to agencies. Oct 20, 2022 · Today, we are excited to announce the latest contribution of the SCuBA project: a series of recommended security configuration baselines for Microsoft 365 (M365). SCUBALITE - Free self-guided version process & workflowScubaLite delivers all the power of the enterprise, offering a risk-free self-service experience deployed within your Azure cloud for one year. Create Scuba Analytics test user Oct 26, 2022 · Updated: November 29th, 2022. - Flexibility to analyze new behavioral patterns, regardless of complexity, on-the-fly with no ETL or coding Oct 23, 2024 · The SCuBA program provides a valuable assessment tool called ScubaGear to provide reports that help harden Microsoft 365 environments. This project is currently in the alpha stages but there is a ton of great recommendations that span across the suite offerings like Azure AD, Exchange, Teams, Defender, OneDrive, SharePoint, and even Power Platform. Dec 20, 2023 · 1. cisa. Start exploring with preinstalled data sets and guides or securely connect your data to experience what Scuba Analytics enables for your organization. May 20, 2025 · Configure Scuba Analytics SSO. Scuba's behavioral analytics platform allows you to visually explore trillions of data points, interactively and in real-time. CISA SECURITY CONFIGURATION BASELINE FOR AZURE ACTIVE DIRECTORY Microsoft 365 (M365) Azure Active Directory (Azure AD) is a cloud-based identity and access control service that provides security and functional capabilities. CISA established the SCuBA project in 2022 to address cybersecurity and visibility gaps exposed by software-as-a-service (SaaS) cyber intrusions and compromises. Within this guidance they cover the M365 and Google Workspace stacks, and they have also released the ScubaGear tool, which you can find here, cisagov/ScubaGear: Automation to assess the state of your M365 tenant against CISA’s baselines Scuba Lite offers packs all the power and feature-rich benefits of Scuba's enterprise customer intelligence, offering risk-free. Invoke-SCuBA includes the -DisconnectOnExit parameter to disconnect each of connection upon exit. ; Step Two - It then calls Open Policy Agent (OPA) to compare these settings against Rego security policies written per the baseline documents. Visit CISA’s SCuBA project page for more information. To disconnect sessions after a run, use Disconnect-SCuBATenant. ScubaGear uses a three-step process: Step One - PowerShell code queries M365 APIs for various configuration settings. The cmdlet disconnects from Azure Active Directory (via MS Graph API), Defender, Exchange Online, OneDrive, Power Platform, SharePoint Online, and Microsoft Teams. Mar 27, 2025 · The Secure Cloud Business Applications (SCuBA) project run by the Cybersecurity and Infrastructure Security Agency (CISA) provides guidance and capabilities to secure federal civilian executive branch (FCEB) agencies’ cloud business application environments and protect federal information that is created, accessed, shared, and stored in those Nov 28, 2022 · CISA has recently released a project called SCuBA which is providing a security baseline for Microsoft 365. As the SCuBA project progresses, CISA will determine potential candidate cybersecurity shared service offering(s) in support of secure cloud business applications. To configure single sign-on on Scuba Analytics side, you need to send the downloaded Certificate (Base64) and appropriate copied URLs from the application configuration to Scuba Analytics support team. Nov 26, 2024 · The Secure Cloud Business Applications (SCuBA) Gear module automates Note that deploying packages with dependencies will deploy all the dependencies to Azure . gov. Microsoft has worked together with CISA to produce and maintain the secure configuration baselines for ScubaGear as well as an accompanying PowerShell script tool to scan M365 environments. 1. Mar 12, 2024 · HISG is the latest resource released by CISA’s SCuBA project. Dec 17, 2024 · For questions about the SCuBA program, Secure Configuration Baselines, the assessment and tools, managing inventory or uploading SCuBA files to CyberScope, integrating SCuBA results to CLAW Azure TALONs, and/or viewing SCuBA results in CDM, contact the SCuBA team at scuba@mail. Dec 18, 2024 · Automated Assessment: The SCuBA tool automates the process of checking M365 tenant configurations against CISA’s Secure Configuration Baselines. CISA recently released baseline guidance for cloud application security, dubbed SCuBA, or Secure Cloud Business Applications. dhs. Multi-Product Coverage: The tool can assess various M365 products, including Azure Active Directory, Exchange Online, OneDrive for Business, SharePoint Online, and Teams. In accordance with Executive Order 14028, CISA’s SCuBA project aims to develop consistent, effective, modern, and manageable security that will help secure organizations’ information assets stored within cloud environments. - Unparalleled flexibility, scale and an enterprise-ready deployment model within Azure. They set this setting to have the SAML SSO connection set properly on both sides. Dec 21, 2023 · When CISA initiated its Secure Cloud Business Applications (SCuBA) project, our goal was to elevate the federal government’s baseline for email and cloud environments by optimizing the security capabilities available within widely used products and services while enabling operational visibility at the enterprise-level in support of our shared cybersecurity mission. This page details an up-to-date list of the Secure Cloud Business Applications (SCuBA) required configurations which Federal Civilian Executive Branch agencies are required to follow in accordance with BOD 25-01: Implementing Secure Practices for Cloud Services. uqxbrthhbhjxgbflutvfyspmbpdksifqiaumhsdflzfdcnnnpfsgis