{"id":13305724,"url":"https://github.com/cisagov/ScubaGoggles","last_synced_at":"2025-03-10T13:32:27.999Z","repository":{"id":211159634,"uuid":"670199969","full_name":"cisagov/ScubaGoggles","owner":"cisagov","description":"SCuBA Secure Configuration Baselines and assessment tool for Google Workspace ","archived":false,"fork":false,"pushed_at":"2025-03-06T18:54:16.000Z","size":5552,"stargazers_count":200,"open_issues_count":99,"forks_count":33,"subscribers_count":12,"default_branch":"main","last_synced_at":"2025-03-06T19:21:48.578Z","etag":null,"topics":["cisa","cybersecurity","google","google-workspace","gws","opa","open-policy-agent","open-source","python","scuba","security","security-automation"],"latest_commit_sha":null,"homepage":"https://www.cisa.gov/resources-tools/services/secure-cloud-business-applications-scuba-project","language":"Open Policy Agent","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"cc0-1.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cisagov.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-07-24T14:07:20.000Z","updated_at":"2025-03-06T18:38:13.000Z","dependencies_parsed_at":"2023-12-27T16:24:49.590Z","dependency_job_id":"60749355-8379-4cdc-8a85-14c6a702aff2","html_url":"https://github.com/cisagov/ScubaGoggles","commit_stats":null,"previous_names":["cisagov/scubagoggles"],"tags_count":5,"template":true,"template_full_name":"cisagov/ScubaGear","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cisagov%2FScubaGoggles","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cisagov%2FScubaGoggles/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cisagov%2FScubaGoggles/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cisagov%2FScubaGoggles/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cisagov","download_url":"https://codeload.github.com/cisagov/ScubaGoggles/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":242859816,"owners_count":20196996,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cisa","cybersecurity","google","google-workspace","gws","opa","open-policy-agent","open-source","python","scuba","security","security-automation"],"created_at":"2024-07-29T17:54:00.235Z","updated_at":"2025-03-10T13:32:27.968Z","avatar_url":"https://github.com/cisagov.png","language":"Open Policy Agent","funding_links":[],"categories":["Open Policy Agent"],"sub_categories":[],"readme":"\n![CISA Logo](docs/images/cisa.png)\n\u003cdiv align='center' style=\"margin:0;\" id=\"user-content-toc\"\u003e\n  \u003cul\u003e\n    \u003ch1 style=\"display: inline-block;\"\u003eScubaGoggles\u003c/h1\u003e\n  \u003c/ul\u003e\n  \u003cul\u003e\n        \u003ca href=\"https://github.com/cisagov/ScubaGoggles/releases\"\u003e\n        \u003cimg src=\"https://img.shields.io/badge/ScubaGoggles-v0.4.1-%2385B065?labelColor=%23005288\"  alt=\"ScubaGoggles version #\"\u003e\u003c/a\u003e\n        \u003ca href=\"https://github.com/cisagov/ScubaGoggles/tree/main/baselines\"\u003e\n        \u003cimg src=\"https://img.shields.io/badge/GWS_SCB-v0.4-%2385B065?labelColor=%23005288\" alt=\"GWS SCB version #\"\u003e\u003c/a\u003e\n        \u003ca href=\"\"\u003e\n        \u003cimg src=\"https://img.shields.io/github/downloads/cisagov/ScubaGoggles/total.svg\"  alt=\"Downloads\"\u003e\u003c/a\u003e\n  \u003c/ul\u003e\n\u003c/div\u003e\n\u003ch2 align='center' style=\"margin:0;\"\u003eGWS Secure Configuration Baseline Assessment Tool \u003c/h2\u003e\n\nDeveloped by CISA, ScubaGoggles is an assessment tool that verifies a Google\nWorkspace (GWS) organization's configuration conforms to the policies\ndescribed in the Secure Cloud Business Applications\n([SCuBA](https://cisa.gov/scuba)) Secure Configuration\nBaseline [documents](scubagoggles/baselines/README.md).\n\nFor the Microsoft 365 (M365) rendition of this tool, see [ScubaGear](https://github.com/cisagov/ScubaGear).\n\n\u003e [!WARNING]\n\u003e This tool is in an alpha state and in active development. At this time, outputs could be incorrect and should be reviewed carefully.\n\n## Overview\nWe use a three-step process:\n1. **Export**. In this step, we primarily use the Google Admin SDK API to export and serialize all the relevant logs and settings into json. ScubaGoggles also uses various other Google APIs to grab organization metadata, user privileges etc.\n2. **Verify**. Compare the exported settings from the previous step with the configuration prescribed in the baselines. We do this using [OPA Rego](https://www.openpolicyagent.org/docs/latest/policy-language/#what-is-rego), a declarative query language for defining policy.\n3. **Report**. Package the results as HTML and JSON.\n\n## Table of Contents\n\n### Installation\n\n- [Download and Python Install](docs/installation/DownloadAndInstall.md)\n- [Download the OPA Executable](docs/installation/OPA.md)\n\n### Prerequisites\n\n- [Permissions](docs/prerequisites/Prerequisites.md#permissions)\n- [Create a Project](docs/prerequisites/Prerequisites.md#create-a-project)\n\n### Authentication\n- [Authentication Methods](docs/authentication/AuthenticationMethods.md)\n- [Using OAuth](docs/authentication/OAuth.md)\n- [Using a Service Account](docs/authentication/ServiceAccount.md)\n\n### Usage\n\n- [Usage: Parameters](docs/usage/Parameters.md)\n- [Usage: Config File](docs/usage/Config.md)\n- [Usage: Examples](docs/usage/Examples.md)\n- [Reviewing Output](docs/usage/ReviewOutput.md)\n- [Limitations](docs/usage/Limitations.md)\n\n### Troubleshooting\n- [Lots of Manual Checks](docs/troubleshooting/Troubleshooting.md#lots-of-manual-checks)\n- [Not Authorized to Access This Resource](docs/troubleshooting/Troubleshooting.md#not-authorized-to-access-this-resource)\n- [scubagoggles Not Found](docs/troubleshooting/Troubleshooting.md#scubagoggles-not-found)\n- [Unable to view HTML report due to environment limitations](docs/troubleshooting/Troubleshooting.md#unable-to-view-html-report-due-to-environment-limitations)\n\n## Project License\nUnless otherwise noted, this project is distributed under the Creative\nCommons Zero license. With developer approval, contributions may be\nsubmitted with an alternate compatible license. If accepted, those\ncontributions will be listed herein with the appropriate license.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcisagov%2FScubaGoggles","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcisagov%2FScubaGoggles","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcisagov%2FScubaGoggles/lists"}