Re: REN-ISAC TAG Service Announcement: O365 Community Scripts Repository

[Stephen Fugale <stephen.fugale () VILLANOVA EDU>]

We need milk

Stephen Fugale
Vice President &
Chief Information Officer
Villanova University

On Jan 28, 2019, at 3:45 PM, Manjak, Martin <mmanjak () albany edu<mailto:mmanjak () albany edu>> wrote:

Greetings Everyone;

The Technical Advisory Group (TAG), a standing REN-ISAC committee[1], is very pleased to announce a new service: A 
public GitHub repository[2] of member-contributed O365 scripts for security incident analysis and response.

In addition to the scripts, here's some of the information you will find on the site:

               o A description of the different types of O365 logs available by license tier.
               o How and what tools can be used to pull those logs.
               o How to export those logs to external tools (e.g., SIEM).
               o A collection of tested, production scripts from REN-ISAC members.

This project is intended to encourage further community-of-practice collaborations and contributions (e.g., a GAFE 
repository) to sustain and increase the value of this open source resource.

Participation
Contributions are welcome, whether new scripts, documentation, or improvements to existing work. Refer to 
CONTRIBUTING.md[3] for details.

Scripts currently published include:
  + MessageTraceLogGatherer
  + O365_Clear_Forwarding
  + O365_Find_Forwarding_Duplicates
  + O365_Get_InboxRules
  + O365_Get_Last_PW_Reset
  + O365_Get_Mailbox_Forwarding
  + O365_Get_Message_Trace

Feedback and Proposals
Please share your thoughts about this service offering and submit proposals for similar projects via tag-comment () 
lists ren-isac net<mailto:tag-comment () lists ren-isac net>.
======================

[1] 
https://www.ren-isac.net/about/governance/tag.html<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ren-isac.net%2Fabout%2Fgovernance%2Ftag.html&data=02%7C01%7Cstephen.fugale%40VILLANOVA.EDU%7C7e43346da50545583c9e08d685619320%7C765a8de5cf9444f09cafae5bf8cfa366%7C0%7C0%7C636843051502665295&sdata=dN7xT%2FJNjQCHMtTWXj%2FPAJGPOBVZOYQDIZZ8zmeR8eI%3D&reserved=0>

[2] 
https://github.com/renisac/O365-Management-and-Log-Scripts<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Frenisac%2FO365-Management-and-Log-Scripts&data=02%7C01%7Cstephen.fugale%40VILLANOVA.EDU%7C7e43346da50545583c9e08d685619320%7C765a8de5cf9444f09cafae5bf8cfa366%7C0%7C0%7C636843051502665295&sdata=U7aV%2Fq5ImZDfUbyC%2BfYpe2GJTzmTxYWAPdF893cav24%3D&reserved=0>

[3] 
https://github.com/renisac/O365-Management-and-Log-Scripts/blob/master/CONTRIBUTING.md<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Frenisac%2FO365-Management-and-Log-Scripts%2Fblob%2Fmaster%2FCONTRIBUTING.md&data=02%7C01%7Cstephen.fugale%40VILLANOVA.EDU%7C7e43346da50545583c9e08d685619320%7C765a8de5cf9444f09cafae5bf8cfa366%7C0%7C0%7C636843051502821544&sdata=SQQ%2BbCpBMFPCd5TJ4uUGEcD9v6ppzZ%2BGL%2F2gZL16pvs%3D&reserved=0>


Martin Manjak, CISSP
Chief Information Security Officer
Information Technology Services
University at Albany
1400 Washington Ave., ITB 102F
Albany, NY 12222
518/442-6411
mmanjak () albany edu<mailto:mmanjak () albany edu>