ROOTM365

1.0.1

SHELL/2.1.5.ps1

                                $CheckId = "2.1.5"

$Title = "Ensure Safe Attachments for SharePoint, OneDrive, and Microsoft Teams is Enabled"

try {

    $Policies = Get-AtpPolicyForO365 | Select-Object Name,EnableATPForSPOTeamsODB,EnableSafeDocs,AllowSafeDocsOpen

    $Compliant = $Policies | Where-Object {

        $_.EnableATPForSPOTeamsODB -eq $true -and

        $_.EnableSafeDocs -eq $true -and

        $_.AllowSafeDocsOpen -eq $false

    }

    $Pass = @($Compliant).Count -gt 0

    [pscustomobject]@{

        CheckId   = $CheckId

        Title     = $Title

        Status    = if ($Pass) { "PASS" } else { "FAIL" }

        Pass      = $Pass

        Evidence  = [pscustomobject]@{

            Policies  = @($Policies)

            Compliant = @($Compliant)

        }

        Error     = $null

        Timestamp = Get-Date

    }

}

catch {

    [pscustomobject]@{

        CheckId   = $CheckId

        Title     = $Title

        Status    = "ERROR"

        Pass      = $null

        Evidence  = $null

        Error     = $_.Exception.Message

        Timestamp = Get-Date

    }

}