 
ORCA is a report that you can run in your environment which can highlight known configuration issues and improvements which can impact your experience with Microsoft Defender for Office 365 (formerly Office 365 Advanced Threat Protection). The configuration health index is a weighted value representing your configuration.
Not all configuration is considered and some configuration is weighted higher than others. The index is represented as a percentage. How the configuration impacts the configuration health index is shown next to the recommendation in the report below as a positive or negative number. The impact to your security posture is a large consideration factor when rating the configuration.
Then, you'll need ORCA. It's that simple! At the conclusion, your default browser will open with a report detailing the recommendations. We're completely open source and, as a matter of fact, we also use some open source components in our report.
We will push new rule definitions out by releasing a new version. Every time you run Get-ORCAReport, we check to see if you have the latest version and, if not, we will prompt you to update via the console and also in the report.
We now support outputting to different formats which can be useful for different purposes, such as tracking trends over time. If the following isn't good enough for your purpose, don't despair, the output is fully modular. You can create your own output type by creating your own "output-name.
You'll need to create a class that extends the "ORCAOutput" class, and you'll need to implement an override for the RunOutput function. The easiest way is just to copy one of the existing ps1's to make your own, if you need to, that is.
Output flattened into two CSV files, one for an overview, one for detail on each config item. Useful for storing your results, trending, or displaying in an interface (PowerBI example coming soon).
You can find this on the PowerShell Gallery.
The key that we will use is 'id' in the CosmosDB. Make sure you specify this as your key when you create your collection.
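
As an added illustration of the custom output type described above (not code from the ORCA project), the PowerShell below extends a stand-in ORCAOutput class and overrides RunOutput to append one summary row per run to a CSV for trending. The stand-in base class, the RunOutput parameters, the TrendCsv name and the sample check properties are assumptions; copy one of the existing ps1 files for the real signature.

```powershell
# Stand-in for ORCA's base class so this file runs on its own. Assumption: the
# real ORCAOutput comes from the ORCA module and its RunOutput signature may differ.
class ORCAOutput {
    [string] $Name
    [string] $OutputDirectory = [System.IO.Path]::GetTempPath()

    RunOutput($Checks, $Collection) {
        throw [System.NotImplementedException]::new('RunOutput must be overridden')
    }
}

# Hypothetical custom output: appends one summary row per run to a CSV file,
# so the results of successive runs can be trended over time.
class TrendCsv : ORCAOutput {
    [string] $LastFile

    TrendCsv() { $this.Name = 'TrendCsv' }

    RunOutput($Checks, $Collection) {
        $all    = @($Checks)
        $failed = @($all | Where-Object { $_.Result -eq 'Fail' })
        $row = [pscustomobject]@{
            RunAtUtc    = [DateTime]::UtcNow.ToString('o')
            TotalChecks = $all.Count
            Failed      = $failed.Count
            # Semicolon-separated so the list stays inside one CSV field
            FailedIds   = ($failed | ForEach-Object { $_.Control } | Sort-Object) -join ';'
        }
        $this.LastFile = Join-Path $this.OutputDirectory 'orca-trend.csv'
        $row | Export-Csv -Path $this.LastFile -Append -NoTypeInformation
    }
}

# Constructed sample checks; the property names and IDs are made up for this example.
$sampleChecks = @(
    [pscustomobject]@{ Control = 'SAMPLE-001'; Area = 'Anti-Spam';  Result = 'Pass' }
    [pscustomobject]@{ Control = 'SAMPLE-002'; Area = 'Safe Links'; Result = 'Fail' }
    [pscustomobject]@{ Control = 'SAMPLE-003'; Area = 'Anti-Phish'; Result = 'Fail' }
)

$output = [TrendCsv]::new()
$output.RunOutput($sampleChecks, $null)
Import-Csv -Path $output.LastFile | Select-Object -Last 1
```

Each run adds one row to orca-trend.csv in the temp directory, so the file grows into a simple history of failed controls per run.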
To run ORCA, you will need the Exchange Online Management Shell first.
What if I have issues? Log an Issue via the Issues tab in GitHub!
What if I don't have Microsoft Defender for Office 365? There is definitely a lot of value in running your Office 365 environment with Microsoft Defender for Office 365, for instance:
- Automatic incident response capabilities
- Attack simulation capabilities
- Behavioural analysis (sandboxing) of malware
- Time of click protection for malicious URLs
- Advanced anti-phishing controls
However, there are also some checks within ORCA that are not Microsoft Defender for Office 365 specific which can impact the operation of Microsoft Defender for Office 365 and security within an Office 365 tenant.