vibecoding/M365FoundationsCISReport
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f85101d0def9e54374e5b37b5e84f8555aa3d3e9
M365FoundationsCISReport/CHANGELOG.md

6.8 KiB
Raw Blame History

Changelog for M365FoundationsCISReport

The format is based on and uses the types of changes according to Keep a Changelog, and this project adheres to Semantic Versioning.

[Unreleased]

Fixed

  • Fixed bug in 1.1.1 that caused the test to fail/pass incorrectly. Added verbose output.

Docs

  • Updated helper csv formatting for one cis control.

[0.1.8] - 2024-06-09

Added

  • Added output type to functions.

Fixed

  • Whatif support for Invoke-M365SecurityAudit.
  • Whatif module output and module install process.

[0.1.7] - 2024-06-08

Added

  • Added pipeline support to Sync-CISExcelAndCsvData function for [CISAuditResult[]] input.

Changed

  • Updated Connect-M365Suite to make TenantAdminUrl an optional parameter.
  • Updated Invoke-M365SecurityAudit to make TenantAdminUrl an optional parameter.
  • Improved connection handling and error messaging in Connect-M365Suite.
  • Enhanced Invoke-M365SecurityAudit to allow flexible inclusion and exclusion of specific recommendations, IG filters, and profile levels.
  • SupportsShoudProcess to also bypass connection checks in Invoke-M365SecurityAudit as well as Disconnect-M365Suite.

[0.1.6] - 2024-06-08

Added

  • Added pipeline support to Sync-CISExcelAndCsvData function for [CISAuditResult[]] input.

[0.1.5] - 2024-06-08

Added

  • Updated test definitions for CIS Microsoft 365 Foundations Benchmark for better error handling and object output when errors occur.
  • Added a parameter to the Initialize-CISAuditResult function to allow for a static failed object to be created when an error occurs.
  • Refactored Invoke-M365SecurityAudit to include a new private function Invoke-TestFunction for executing test functions and handling errors.
  • Added a new private function Measure-AuditResult to calculate and display audit results.
  • Enhanced error logging to capture failed test details and display them at the end of the audit.
  • Added a private function Get-RequiredModule to initialize the $requiredModules variable for better code organization in the main script.
  • Updated Test-MailboxAuditingE3 and Test-MailboxAuditingE5 functions to use Format-MissingAction for structuring missing actions into a pipe-separated table format.
  • Added more verbose logging to Test-BlockMailForwarding and improved error handling for better troubleshooting.
  • Improved Test-RestrictCustomScripts to handle long URL lengths better by extracting and replacing common hostnames, and provided detailed output.
  • Added sorting to output.
  • Created new functions for improved modularity.
  • Parameter validation for Excel and CSV path in sync function.
  • Added Output type to tests.
  • Added M365DomainForPWPolicyTest parameter to Invoke-M365SecurityAudit to specify testing only the default domain for password expiration policy when '1.3.1' is included in the tests.

Fixed

  • Ensured the Invoke-TestFunction returns a CISAuditResult object, which is then managed in the Invoke-M365SecurityAudit function.
  • Corrected the usage of the join operation within $details in Test-BlockMailForwarding to handle arrays properly.
  • Fixed the logic in Test-RestrictCustomScripts to accurately replace and manage URLs, ensuring compliance checks are correctly performed.
  • Updated the Test-MailboxAuditingE3 and Test-MailboxAuditingE5 functions to handle the $allFailures variable correctly, ensuring accurate pass/fail results.
  • Fixed the connections in helper CSV and connect function.
  • Removed verbose preference from Test-RestrictCustomScripts.
  • Ensured that the output in Test-BlockMailForwarding does not include extra spaces between table headers and data.
  • Fixed output in Test-MailboxAuditingE3 and Test-MailboxAuditingE5 to correctly align with the new table format.
  • Added step 1 and step 2 in Test-BlockMailForwarding details to ensure comprehensive compliance checks.
  • Fixed the issue with the output in Test-RestrictCustomScripts to ensure no extra spaces between table headers and data.

[0.1.4] - 2024-05-30

Added

  • Test definitions filter function.
  • Logging function for future use.
  • Test grade written to console.

Changed

  • Updated sync function to include connection info.
  • Refactored connect/disconnect functions to evaluate needed connections.

[0.1.3] - 2024-05-28

Added

  • Array list to store the results of the audit.
  • Arraylist tests and helper template.
  • New testing function.
  • Missing properties to CSV.

Changed

  • Refactored object initialization to source RecDescription, CISControl, and CISDescription properties from the CSV.
  • Added Automated and Connection properties to the output object.
  • All test functions aligned with the test-template.
  • Initialize-CISAuditResult refactored to use global test definitions.

Fixed

  • Corrected test-template.
  • Details added to pass.

Docs

  • Updated comments and documentation for new functions.

[0.1.2] - 2024-04-29

Added

  • Automated and organized CSV testing and added test 1.1.1.
  • Functions to merge tests into an Excel benchmark.
  • Public function for merging tests.
  • Testing for guest users under test 1.1.4.
  • Error handling for Get-AdminRoleUserLicense.
  • Project URI and icon added to manifest.

Fixed

  • Format for TestDefinitions.csv.
  • Filename for Test-AdministrativeAccountCompliance.
  • Error handling in test 1.1.1.
  • Properties for skipping and including tests.

Docs

  • Updated comments for new functions.
  • Updated help documentation.
  • Updated online link in public function.

[0.1.1] - 2024-04-02

Fixed

  • Fixed Test-ModernAuthExchangeOnline Profile Level in object.

Added

  • CIS Download Notes to Comment-Help Block.
  • Notes to README.md for CIS Download.

[0.1.0-preview0001] - 2024-03-25

Added

  • Initial release of the M365FoundationsCISReport PowerShell module v0.0.1.
  • Function Invoke-M365SecurityAudit for conducting a comprehensive security audit in Microsoft 365 environments.
  • Support for multiple parameter sets including ELevelFilter, IGFilters, RecFilter, and SkipRecFilter to cater to diverse audit requirements.
  • Implementation of -NoModuleCheck, -DoNotConnect, and -DoNotDisconnect switches for enhanced control over module behavior.
  • Integration with required modules like ExchangeOnlineManagement, AzureAD, Microsoft.Graph, Microsoft.Online.SharePoint.PowerShell, and MicrosoftTeams.
  • A dynamic test loading system based on CSV input for flexibility in defining audit tests.
  • Comprehensive verbose logging to detail the steps being performed during an audit.
  • Comment-help documentation for the Invoke-M365SecurityAudit function with examples and usage details.
  • Attribution to CIS and licensing information under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License in the README.