Open Nav
Sign Up

CISA Releases Microsoft 365 Secure Configuration Baselines and SCuBAGear Tool

Microsoft releases scubagear

Bar Refael

January 9, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has released the finalized Microsoft 365 Secure Configuration Baselines. This important development is aimed at enhancing the security and resilience of organizations using Microsoft 365 (M365) cloud services. Complementing this release is the updated SCuBAGear tool, designed to help organizations assess their M365 cloud services against CISA’s recommended baselines.

Microsoft 365 Secure Configuration Baselines:

  • Objective: To provide organizations with comprehensive guidelines for securely configuring their M365 environments.
  • Contents: The baselines cover a range of configurations for various M365 services, focusing on best practices in areas like identity and access management, data protection, and threat prevention.

SCuBAGear Tool:

  • Functionality: SCuBAGear is an assessment tool that evaluates the alignment of an organization’s M365 configurations with CISA’s security baselines.
  • Enhancements: The tool now features increased automation, streamlining the assessment process and reducing the effort required by organizations.

Development and Feedback Integration:

  • Stakeholder Input: The final release incorporates feedback gathered during a public comment period and a pilot program with federal agencies.
  • Improvements: Changes based on this feedback have been integrated, enhancing the effectiveness and usability of both the baselines and the SCuBAGear tool.

Recommendations for Organizations:

  • Baseline Review and Implementation: Carefully review the Microsoft 365 Secure Configuration Baselines and implement the recommended configurations for enhanced security.
  • Use of SCuBAGear Tool: Employ the SCuBAGear tool to assess and align your organization’s M365 configurations with CISA’s guidelines.
  • Stay Informed: Follow updates on CISA’s blog and reach out to CISA’s Cybersecurity Shared Services Office for further support and guidance.

The release of the Microsoft 365 Secure Configuration Baselines and the SCuBAGear tool represents a crucial step in supporting organizations to strengthen their M365 cloud service security. Adhering to these guidelines and utilizing the assessment tool can significantly improve an organization’s cybersecurity posture in the cloud.

Resources highlights

AsyncAPI npm Supply-Chain Attack Delivers Cross-Platform Miasma RAT

A software supply-chain attack compromised four packages in the official AsyncAPI npm namespace, resulting in five malicious package versions being distributed through the project’s legitimate…

Read more >

AsyncAPI supply chain attack

Zoom Windows Vulnerability Enables Account Takeover (CVE-2026-53412)

Zoom has released security updates for a critical vulnerability affecting Zoom Workplace and Zoom Workplace VDI clients for Windows. Tracked as CVE-2026-53412, the vulnerability could…

Read more >

cve-2026-53412

Actively Exploited SonicWall SMA1000 Vulnerabilities (CVE-2026-15409 and CVE-2026-15410)

SonicWall has released emergency hotfixes for two vulnerabilities affecting SMA1000 Series secure access appliances. Both vulnerabilities have been exploited in active attacks, and one carries…

Read more >

sonicwall_cve-2026-15409_cve-2026-15410_op

Critical Gitea Docker Authentication Bypass Under Active Probing: CVE-2026-20896

A critical authentication bypass vulnerability, tracked as CVE-2026-20896, has been disclosed in the official Gitea Docker image. Gitea is a self-hosted software development platform used…

Read more >

gitea_docker_cve-2026-20896

Adobe Patches Multiple Critical ColdFusion and Campaign Classic Vulnerabilities: CVE-2026-48282 Exploitation Observed

Adobe has released security updates for multiple critical vulnerabilities affecting Adobe ColdFusion and Adobe Campaign Classic, including several flaws rated CVSS 10.0.CVE-2026-48282, a critical ColdFusion…

Read more >

adobe_coldfusion_campaign classic_cve-2026-48282

CVE-2026-46817: Critical Oracle E-Business Suite Vulnerability

A critical vulnerability in Oracle E-Business Suite is now being actively exploited in the wild. Tracked as CVE-2026-46817, the flaw affects the File Transmission component…

Read more >

cve-2026-46817-oracle-e-business
Under Cyber Attack?

Fill out the form and we will contact you immediately.