Remove the policies stating that 3rd products should offer comparable services

scubagoggles/Testing/Unit/Rego/gmail/gmail16_test.rego

@@ -315,24 +315,3 @@ test_SecuritySandbox_Incorrect_V5 if {
 }
 #--
 
-#
-# GWS.GMAIL.16.2
-#--
-test_Other_Correct_V1 if {
-    # Test not implemented
-    PolicyId := GmailId16_2
-    Output := tests with input as {
-        "gmail_logs": {"items": [
-        ]},
-        "tenant_info": {
-            "topLevelOU": ""
-        }
-    }
-
-    RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId]
-    count(RuleOutput) == 1
-    not RuleOutput[0].RequirementMet
-    not RuleOutput[0].NoSuchEvent
-    RuleOutput[0].ReportDetails == "Currently not able to be tested automatically; please manually check."
-}
-#--

scubagoggles/baselines/gmail.md

@@ -156,7 +156,7 @@ An SPF policy SHALL be published for each domain that fails all non-approved sen
 
 - _Rationale:_ Threat actors could potentially manipulate the 'FROM' field in an email to appear as a legitimate sender, increasing the risk of phishing attacks. By publishing an SPF policy for each domain that fails all non-approved senders, this risk can be reduced as it provides a means to detect and block such deceptive emails. Additionally, an SPF policy is required for Federal Civilian Executive Branch (FCEB) agencies by Binding Operational Directive 18-01, "Enhance Email and Web Security."
 - _Last modified:_ February 2024
-- _Note:_ 
+- _Note:_
   - SPF defines two different "fail" mechanisms: fail (indicated by `-`, sometimes referred to as hardfail) and softfail (indicated by `~`). Either hard or soft fail may be used to comply with this baseline policy.
   - This policy is not applicable to user alias domains. Gmail uses the primary domain as the `envelope-from` domain and the alias domain as the `header-from` domain, SPF only verifies the `envelope-from` domain.
 - _NIST SP 800-53 Rev. 5 FedRAMP High Baseline Mapping:_ AC-2d
@@ -391,18 +391,6 @@ Emails flagged by SCuBA policies GWS.GMAIL.5.1 through GWS.GMAIL.5.3 SHALL NOT b
     - [T1204:003: User Execution: Malicious Image](https://attack.mitre.org/techniques/T1204/003/)
 
 
-#### GWS.GMAIL.5.6v0.6
-Any third-party or outside application selected for attachment protection SHOULD offer services comparable to those offered by Google Workspace (GWS).
-
-[![Manual](https://img.shields.io/badge/Manual-046B9A)](#gwsgmail56v06-instructions)
-
-- _Rationale:_ Using third-party or outside applications for attachment protection that do not offer services comparable to those offered by GWS could potentially expose users to security risks. Using applications that offer comparable services reduces this risk, enhancing the safety and integrity of user data and systems.
-- _Last modified:_ July 2023
-- _NIST SP 800-53 Rev. 5 FedRAMP High Baseline Mapping:_ SI-3, SI-8
-- MITRE ATT&CK TTP Mapping
-  - None
-
-
 ### Resources
 
 -   [Google Workspace Admin Help: Advanced phishing and malware protection](https://support.google.com/a/answer/9157861?product_name=UnuFlow&hl=en&visit_id=637831282628458101-2078141803&rd=1&src=supportwidget0&hl=en#zippy=%2Cturn-on-attachment-protection)
@@ -438,11 +426,6 @@ To configure the settings for Attachment Protections:
 1.  Under the setting for Policy 5.1 through Policy 5.3, ensure either "Move email to spam" or "Quarantine" is selected.
 
 
-
-#### GWS.GMAIL.5.6v0.6 Instructions
-1.  No implementation steps for this policy
-
-
 ## 6. Links and External Images Protection
 
 This section enables extra protections to prevent email phishing due to links and external images. Specific settings for this control include identifying hidden malicious links behind shortened URLs, scanning linked images to find hidden malicious content, showing a warning prompt when clicking links to untrusted domains, and applying future recommended settings automatically.
@@ -507,17 +490,6 @@ Google SHALL be allowed to automatically apply future recommended settings for l
 - MITRE ATT&CK TTP Mapping
   - None
 
-#### GWS.GMAIL.6.5v0.6
-Any third-party or outside application selected for links and external images protection SHOULD offer services comparable to those offered by Google Workspace (GWS).
-
-[![Manual](https://img.shields.io/badge/Manual-046B9A)](#gwsgmail65v06-instructions)
-
-- _Rationale:_ Using third-party or outside applications for links and external images protection that do not offer services comparable to those offered by GWS could potentially expose users to security risks. Using applications that offer comparable services enhances the safety and integrity of user data and systems.
-- _Last modified:_ July 2023
-- _NIST SP 800-53 Rev. 5 FedRAMP High Baseline Mapping:_ SI-3, SI-8
-- MITRE ATT&CK TTP Mapping
-  - None
-
 
 ### Resources
 
@@ -553,9 +525,6 @@ To configure the settings for Links and External Images Protection:
 #### GWS.GMAIL.6.4v0.6 Instructions
 1.  Check the **Apply future recommended settings automatically** checkbox.
 
-#### GWS.GMAIL.6.5v0.6 Instructions
-1.  No implementation steps for this policy
-
 
 ## 7. Spoofing and Authentication Protection
 
@@ -665,20 +634,6 @@ Google SHALL be allowed to automatically apply future recommended settings for s
     - [T1566:001: Phishing: Spearphishing Attachment](https://attack.mitre.org/techniques/T1566/001/)
     - [T1566:002: Phishing: Spearphishing Link](https://attack.mitre.org/techniques/T1566/002/)
 
-#### GWS.GMAIL.7.8v0.6
-Any third-party or outside application selected for spoofing and authentication protection SHOULD offer services comparable to those offered by Google Workspace.
-
-[![Manual](https://img.shields.io/badge/Manual-046B9A)](#gwsgmail78v06-instructions)
-
-- _Rationale:_ Using third-party or outside applications for spoofing and authentication protection that do not offer services comparable to those offered by GWS could potentially expose users to security risks. Using applications that offer comparable services reduces this risk, enhancing the safety and integrity of user data and systems.
-- _Last modified:_ July 2023
-- _NIST SP 800-53 Rev. 5 FedRAMP High Baseline Mapping:_ SI-8
-- MITRE ATT&CK TTP Mapping
-  - [T1434: Internal Spearphishing](https://attack.mitre.org/techniques/T1434/)
-  - [T1566: Phishing](https://attack.mitre.org/techniques/T1566/)
-    - [T1566:001: Phishing: Spearphishing Attachment](https://attack.mitre.org/techniques/T1566/001/)
-    - [T1566:002: Phishing: Spearphishing Link](https://attack.mitre.org/techniques/T1566/002/)
-
 ### Resources
 
 -   [Google Workspace Admin Help: Advanced phishing and malware protection](https://support.google.com/a/answer/9157861?product_name=UnuFlow&hl=en&visit_id=637831282628458101-2078141803&rd=1&src=supportwidget0&hl=en#zippy=%2Cturn-on-attachment-protection)
@@ -716,13 +671,9 @@ To configure the settings for Spoofing and Authentication Protection:
 #### GWS.GMAIL.7.6v0.6 Instructions
 1.  Under each setting from Policy 7.1 through Policy 7.5, make sure either "Move email to spam" or "Quarantine" is selected.
 
-
 #### GWS.GMAIL.7.7v0.6 Instructions
 1.  Check the **Apply future recommended settings automatically** checkbox.
 
-#### GWS.GMAIL.7.8v0.6 Instructions
-1.  There is no implementation for this policy.
-
 
 ## 8. User Email Uploads
 
@@ -1034,16 +985,6 @@ Enhanced pre-delivery message scanning SHALL be enabled to prevent phishing.
     - [T1566:002: Phishing: Spearphishing Link](https://attack.mitre.org/techniques/T1566/002/)
     - [T1566:003: Phishing: Spearphishing via Service](https://attack.mitre.org/techniques/T1566/003/)
 
-#### GWS.GMAIL.15.2v0.6
-Any third-party or outside application selected for enhanced pre-delivery message scanning SHOULD offer services comparable to those offered by Google Workspace.
-
-[![Manual](https://img.shields.io/badge/Manual-046B9A)](#gwsgmail152v06-instructions)
-
-- _Rationale:_ Using third-party or outside applications for enhanced pre-delivery message scanning that do not offer services comparable to those offered by GWS could potentially expose users to security risks. Using applications that offer comparable services reduces this risk, enhancing the safety and integrity of user data and systems.
-- _Last modified:_ July 2023
-- _NIST SP 800-53 Rev. 5 FedRAMP High Baseline Mapping:_ SI-3, SI-8
-- MITRE ATT&CK TTP Mapping
-  - None
 
 ### Resources
 
@@ -1064,9 +1005,6 @@ To configure the settings for Enhanced Pre-Delivery Message Scanning:
 4.  Check the **Enables improved detection of suspicious content prior to delivery** checkbox.
 5.  Select **Save**.
 
-#### GWS.GMAIL.15.2v0.6 Instructions
-1.  There is no implementation steps for this policy
-
 
 ## 16. Security Sandbox
 
@@ -1089,16 +1027,6 @@ Security sandbox SHOULD be enabled to provide additional protections for emails.
   - [T1566: Phishing](https://attack.mitre.org/techniques/T1566/)
     - [T1566:001: Phishing: Spearphishing Attachment](https://attack.mitre.org/techniques/T1566/001/)
 
-#### GWS.GMAIL.16.2v0.6
-Any third-party or outside application selected for security sandbox SHOULD offer services comparable to those offered by Google Workspace.
-
-[![Manual](https://img.shields.io/badge/Manual-046B9A)](#gwsgmail162v06-instructions)
-
-- _Rationale:_ Using third-party or outside applications for security sandbox that do not offer services comparable to those offered by GWS could potentially expose users to security risks. Using applications that offer comparable services reduces this risk, enhancing the safety and integrity of user data and systems.
-- _Last modified:_ July 2023
-- _NIST SP 800-53 Rev. 5 FedRAMP High Baseline Mapping:_ SI-3, SI-8
-- MITRE ATT&CK TTP Mapping
-  - None
 
 ### Resources
 
@@ -1125,8 +1053,6 @@ To configure the settings for Security sandbox or Security sandbox rules:
     4. Action to take if expressions match.
 7. Select **Save**.
 
-#### GWS.GMAIL.16.2v0.6 Instructions
-1.  There is no implementation steps for this policy.
 
 ## 17. Comprehensive Mail Storage
 

scubagoggles/mappings/scuba-to-nist-sp-800-53-r5-fedramp-high.csv

@@ -95,20 +95,17 @@ GWS.GMAIL.5.2v1,"SI-3, SI-8"
 GWS.GMAIL.5.3v1,"SI-3, SI-8"
 GWS.GMAIL.5.4v1,"SI-3, SI-8"
 GWS.GMAIL.5.5v1,"SI-3, SI-8"
-GWS.GMAIL.5.6v1,"SI-3, SI-8"
 GWS.GMAIL.6.1v1,"SI-3, SI-8"
 GWS.GMAIL.6.2v1,"SI-3, SI-8"
 GWS.GMAIL.6.3v1,"SI-4, SI-8, AT-2b"
 GWS.GMAIL.6.4v1,"SI-3, SI-8"
-GWS.GMAIL.6.5v1,"SI-3, SI-8"
 GWS.GMAIL.7.1v1,SI-8
 GWS.GMAIL.7.2v1,SI-8
 GWS.GMAIL.7.3v1,SI-8
 GWS.GMAIL.7.4v1,SI-8
 GWS.GMAIL.7.5v1,SI-8
 GWS.GMAIL.7.6v1,SI-8
 GWS.GMAIL.7.7v1,SI-8
-GWS.GMAIL.7.8v1,SI-8
 GWS.GMAIL.8.1v1,"CM-7, SI-3, SI-8"
 GWS.GMAIL.9.1v1,CM-7
 GWS.GMAIL.10.1v1,CM-7
@@ -117,9 +114,7 @@ GWS.GMAIL.12.1v1,AC-4
 GWS.GMAIL.13.1v1,AT-2b
 GWS.GMAIL.14.1v1,AC-4
 GWS.GMAIL.15.1v1,"SI-3, SI-8"
-GWS.GMAIL.15.2v1,"SI-3, SI-8"
 GWS.GMAIL.16.1v1,"SI-3, SI-8"
-GWS.GMAIL.16.2v1,"SI-3, SI-8"
 GWS.GMAIL.17.1v1,"SI-12, SC-7(10)"
 GWS.GMAIL.18.1v1,SI-8
 GWS.GMAIL.18.2v1,SI-8

scubagoggles/rego/Gmail.rego

@@ -469,23 +469,6 @@ if {
 }
 #--
 
-#
-# Baseline GWS.GMAIL.5.6
-#--
-# No implementation steps provided for this policy
-
-GmailId5_6 := utils.PolicyIdWithSuffix("GWS.GMAIL.5.6")
-
-tests contains {
-    "PolicyId": GmailId5_6,
-    "Prerequisites": [],
-    "Criticality": "Should/Not-Implemented",
-    "ReportDetails": "Currently not able to be tested automatically; please check manually.",
-    "ActualValue": "",
-    "RequirementMet": false,
-    "NoSuchEvent": false
-}
-#--
 
 ###############
 # GWS.GMAIL.6 #
@@ -639,22 +622,6 @@ if {
 }
 #--
 
-#
-# Baseline GWS.GMAIL.6.5
-#--
-
-GmailId6_5 := utils.PolicyIdWithSuffix("GWS.GMAIL.6.5")
-
-# No implementation steps provided for this policy
-tests contains {
-    "PolicyId": GmailId6_5,
-    "Prerequisites": [],
-    "Criticality": "Should/Not-Implemented",
-    "ReportDetails": "Currently not able to be tested automatically; please manually check.",
-    "ActualValue": "",
-    "RequirementMet": false,
-    "NoSuchEvent": false
-}
 
 ###############
 # GWS.GMAIL.7 #
@@ -935,23 +902,6 @@ if {
 }
 #--
 
-#
-# Baseline GWS.GMAIL.7.8
-#--
-
-GmailId7_8 := utils.PolicyIdWithSuffix("GWS.GMAIL.7.8")
-
-# No implementation steps provided for this policy
-tests contains {
-    "PolicyId": GmailId7_8,
-    "Prerequisites": [],
-    "Criticality": "Should/Not-Implemented",
-    "ReportDetails": "Currently not able to be tested automatically; please manually check.",
-    "ActualValue": "",
-    "RequirementMet": false,
-    "NoSuchEvent": false
-}
-#--
 
 ###############
 # GWS.GMAIL.8 #
@@ -1320,23 +1270,6 @@ if {
 }
 #--
 
-#
-# Baseline GWS.GMAIL.15.2
-#--
-
-GmailId15_2 := utils.PolicyIdWithSuffix("GWS.GMAIL.15.2")
-
-# No implementation steps provided for this policy
-tests contains {
-    "PolicyId": GmailId15_2,
-    "Prerequisites": [],
-    "Criticality": "Should/Not-Implemented",
-    "ReportDetails": "Currently not able to be tested automatically; please manually check.",
-    "ActualValue": "",
-    "RequirementMet": false,
-    "NoSuchEvent": false
-}
-#--
 
 ################
 # GWS.GMAIL.16 #
@@ -1397,23 +1330,6 @@ if {
 }
 #--
 
-#
-# Baseline GWS.GMAIL.16.2
-#--
-
-GmailId16_2 := utils.PolicyIdWithSuffix("GWS.GMAIL.16.2")
-
-# No implementation steps provided for this policy
-tests contains {
-    "PolicyId": GmailId16_2,
-    "Prerequisites": [],
-    "Criticality": "Should/Not-Implemented",
-    "ReportDetails": "Currently not able to be tested automatically; please manually check.",
-    "ActualValue": "",
-    "RequirementMet": false,
-    "NoSuchEvent": false
-}
-#--
 
 ################
 # GWS.GMAIL.17 #