ScubaGear

Basic Information

ScubaGear is an open source assessment tool for Microsoft 365 tenants that checks a tenant’s configuration against the Secure Cloud Business Applications (SCuBA) Secure Configuration Baselines. It is aimed at Microsoft 365 administrators who need to verify that tenant settings align with CISA baseline guidance. The project is delivered as a PowerShell module and includes documentation for installation, prerequisites, permissions (interactive and non-interactive), execution, configuration, and troubleshooting. The README describes a three-step workflow where PowerShell collects configuration from M365 APIs, the collected data is evaluated by Open Policy Agent using Rego policies authored to reflect the baseline documents, and results are emitted in multiple report formats. The repository also provides installation options from the PowerShell Gallery or GitHub and includes baseline definitions and mapping documentation.

App Details

Features
ScubaGear implements a three-step assessment pipeline: PowerShell scripts query Microsoft 365 APIs for configuration data, evaluations are performed by Open Policy Agent using Rego policies that encode SCuBA baselines, and the tool outputs results as HTML, JSON, and CSV reports. The project is packaged as a PowerShell module installable from the PowerShell Gallery and includes an initialization command to install minimum dependencies. Documentation covers installation, configuration file parameters, required permissions for both interactive and non-interactive use, and a troubleshooting section addressing multiple tenants, Defender, Exchange Online, Power Platform, Microsoft Graph, and proxy issues. The repo contains CI and functional test workflows, release and download badges, and licensing information.
Use Cases
ScubaGear helps administrators automate assessment of Microsoft 365 security posture against CISA SCuBA baselines, enabling consistent, repeatable checks across tenant environments. By collecting configuration via PowerShell and evaluating it with OPA/Rego policies, it provides objective, policy-driven determinations of compliance and nonconformity. The generated HTML, JSON, and CSV reports make it easier to review findings, share results, and track remediation. Documentation on prerequisites and permissions supports both interactive and non-interactive runs, and troubleshooting guides address common service-specific issues. Installation from the PowerShell Gallery and scripted invoke commands simplify adoption for administrators who want to incorporate tenant assessments into regular workflows or one-off audits.