A new Attic #release packed with new checks, inspired by the #CIS Benchmark for #Microsoft365.
This release is full of new checks and fixes, because we are working hard to ensure that Attic becomes “CIS-certified” as an assessment tool for Microsoft 365 and have now built nearly all the checks that were still required for this.
In addition, there is also news to report about the back-end of Attic.
Splitting Client/Partner App
Attic uses OAuth apps to gain the necessary access to Microsoft tenants that need to be monitored. That way we comply with the Secure Application Model that Microsoft prescribes for the secure execution of services on customer environments.
We have now created different versions of these OAuth Apps for partners and end customers, so that in both scenarios we get the right authorizations and no more than necessary.
Security Content
New or changed checks in this release:
- CHK-1059 – SafeLinks should be enabled.
- CHK-1060 – External storage should be disabled in Outlook.
- CHK-1062 – Safe Attachments should be enabled.
- CHK-1063 – Anti-Phishing policy should be enabled.
- CHK-1064 – Outlook addins should be disabled.
- CHK-1065 – Outbound Spam policy should be set to notify administrators.
- CHK-1155 – Users should not be allowed to create tenants.
- CHK-1522 – External sharing by guests should be disabled.
- CHK-1525 – External sharing should be based on white- or blacklist.
Attic Version 2023.9.0 – Release Notes