Skip to content

feat(teams): add new checks teams_security_reporting_enabled and defender_chat_report_policy_configured #7614

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 25 commits into from
May 6, 2025
Merged

feat(teams): add new checks teams_security_reporting_enabled and defender_chat_report_policy_configured #7614

merged 25 commits into from
May 6, 2025

Conversation

andoniaf
Copy link
Contributor

@andoniaf andoniaf commented Apr 25, 2025
edited
Loading

Context

Without proper security reporting enabled, users cannot effectively report suspicious or malicious messages, potentially allowing security threats to go unnoticed.

Description

This checks ensure:

  • Users are allowed to report security concerns in Teams settings.
  • Report Submission Policy is properly configured in Defender settings.

Checklist

API

  • Verify if API specs need to be regenerated.
  • Check if version updates are required (e.g., specs, Poetry, etc.).
  • Ensure new entries are added to CHANGELOG.md, if applicable.

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

andoniaf and others added 14 commits April 24, 2025 16:05
@andoniaf
feat(teams): add new check
ed1f828
@andoniaf
fix(teams): add missing field
e5e49da
@andoniaf
feat(teams): add new check teams_meeting_external_chat_disabled
d0d5f11
@andoniaf
feat(teams): add new check teams_meeting_recording_disabled
9b54683
@MrCloudSec
Merge branch 'master' into PRWLR-5810-ensure-external-participants-ca…
7e9ebff 
…nt-give-or-request-control
@andoniaf
chore: update changelog and add missing init
f6cf35a
@andoniaf
Merge branch 'PRWLR-5810-ensure-external-participants-cant-give-or-re…
bb07d97 
…quest-control' into PRWLR-5811-ensure-external-meeting-chat-is-off
@andoniaf
chore: update changelog and add missing init
1e5cb47
@andoniaf
Merge branch 'PRWLR-5811-ensure-external-meeting-chat-is-off' into PR…
0a769aa 
…WLR-5812-ensure-meeting-recording-is-off-by-default
@andoniaf
chore: update changelog and add missing init
3f65963
@andoniaf
feat(teams): add new check teams_meeting_presenters_restricted
7e25414
@andoniaf
chore: update changelog
636d50b
@andoniaf
feat(defender): add report submission policy
2ba2360
@andoniaf
feat(teams): add new check teams_security_reporting_enabled
cdf5f8c
@andoniaf andoniaf requested review from a team as code owners April 25, 2025 11:30
Base automatically changed from PRWLR-5809-ensure-only-organizers-and-co-organizers-can-present to master April 25, 2025 18:34
MrCloudSec
MrCloudSec previously requested changes Apr 25, 2025
View reviewed changes
Copy link
Member

@MrCloudSec MrCloudSec left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@andoniaf, please solve the conflicts in this one.

@codecov Codecov
Copy link

codecov bot commented Apr 29, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 82.27848% with 14 lines in your changes missing coverage. Please review.

Project coverage is 79.42%. Comparing base (7eec60f) to head (d097fd3).
Report is 3 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #7614      +/-   ##
==========================================
+ Coverage   79.24%   79.42%   +0.18%     
==========================================
  Files         153      156       +3     
  Lines        7062     7188     +126     
==========================================
+ Hits         5596     5709     +113     
- Misses       1466     1479      +13
Flag Coverage Δ
prowler 79.42% <82.27%> (+0.18%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Components Coverage Δ
prowler 79.42% <82.27%> (+0.18%) ⬆️
api ∅ <ø> (∅)
🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@MrCloudSec MrCloudSec self-requested a review May 5, 2025 13:58
@andoniaf andoniaf changed the title feat(teams): add new check teams_security_reporting_enabled feat(teams): add new checks teams_security_reporting_enabled and defender_report_policy_configured May 5, 2025
@andoniaf andoniaf requested review from MrCloudSec and HugoPBrito May 5, 2025 16:24
@HugoPBrito HugoPBrito changed the title feat(teams): add new checks teams_security_reporting_enabled and defender_report_policy_configured feat(teams): add new checks teams_security_reporting_enabled and defender_chat_report_policy_configured May 6, 2025
HugoPBrito
HugoPBrito requested changes May 6, 2025
View reviewed changes
Copy link
Member

@HugoPBrito HugoPBrito left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please, take a look and let me know what you think!

@andoniaf @HugoPBrito
chore: apply suggestions from code review
d097fd3 
Co-authored-by: Hugo Pereira Brito <101209179+HugoPBrito@users.noreply.github.com>
@HugoPBrito HugoPBrito self-requested a review May 6, 2025 09:22
HugoPBrito
HugoPBrito approved these changes May 6, 2025
View reviewed changes
Copy link
Member

@HugoPBrito HugoPBrito left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Perfect, thanks!

@HugoPBrito HugoPBrito dismissed MrCloudSec’s stale review May 6, 2025 09:26

Already solved. Unblock merge.

@andoniaf andoniaf merged commit e5ca51d into master May 6, 2025
12 checks passed
@andoniaf andoniaf deleted the PRWLR-5813-ensure-users-can-report-security-concerns-in-teams branch May 6, 2025 09:30
jfagoagas pushed a commit that referenced this pull request May 8, 2025
@andoniaf @MrCloudSec
@HugoPBrito @jfagoagas
feat(teams): add new checks teams_security_reporting_enabled and `d…
2e13481 
…efender_chat_report_policy_configured` (#7614)

Co-authored-by: Sergio Garcia <hello@mistercloudsec.com>
Co-authored-by: Hugo Pereira Brito <101209179+HugoPBrito@users.noreply.github.com>
andoniaf added a commit that referenced this pull request May 9, 2025
@andoniaf @MrCloudSec @HugoPBrito
feat(teams): add new checks teams_security_reporting_enabled and `d…
7d095e2 
…efender_chat_report_policy_configured` (#7614)

Co-authored-by: Sergio Garcia <hello@mistercloudsec.com>
Co-authored-by: Hugo Pereira Brito <101209179+HugoPBrito@users.noreply.github.com>
andoniaf added a commit that referenced this pull request May 9, 2025
@andoniaf @MrCloudSec @HugoPBrito
feat(teams): add new checks teams_security_reporting_enabled and `d…
86ebfb5 
…efender_chat_report_policy_configured` (#7614)

Co-authored-by: Sergio Garcia <hello@mistercloudsec.com>
Co-authored-by: Hugo Pereira Brito <101209179+HugoPBrito@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MrCloudSec MrCloudSec MrCloudSec left review comments

@HugoPBrito HugoPBrito HugoPBrito approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@andoniaf @MrCloudSec @HugoPBrito