Achieve Federal-Grade M365 Security: Governing with Qualys SSPM and SCuBA

Thursday, May 14, 2026 at 04:00 PM UTC·Source: Qualys Blog

Updated: Thursday, May 14, 2026 at 04:01 PM UTC

Executive Summary

Qualys SaaS Security Posture Management (SSPM) introduces native support for the Secure Cloud Business Applications (SCuBA) compliance framework, bringing CISA’s toughest M365 security benchmarks directly into your continuous posture monitoring workflow. Key Takeaways What Is SCuBA and Why Does It Matter for Enterprise Security The Secure Cloud Business Applications (SCuBA) project is a cybe

Analysis

Source Attribution

Originally published by Qualys Blog on May 14, 2026.

Related Threats

MEDIUMVulnerability

Zopa and ClearScore sign up 22 members for GenAI upskilling push

Zopa Bank and ClearScore have signed up 22 members to their coalition dedicated to upskilling 100,000 fintech and banking professionals in AI disciplines by 2030.

2h agoFinextra

CRITICALVulnerability

NVD CRITICAL: CVE-2018-25335 — WordPress Plugin Peugeot Music 1.0 contains an arbitrary file upload vulnerabili...

WordPress Plugin Peugeot Music 1.0 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to the upload.php endpoint. Attackers can upload files with arbitrary extensions by manipulating the 'name' parameter to execute code from the uploads directory.

CVE-2018-25335

13h agoNIST NVD

CRITICALVulnerability

NVD CRITICAL: CVE-2018-25332 — GitBucket 4.23.1 contains an unauthenticated remote code execution vulnerability...

GitBucket 4.23.1 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands by exploiting weak secret token generation and insecure file upload functionality. Attackers can brute-force the Blowfish encryption key, upload a malicious JAR plugin via the git-lfs endpoint, and execute system commands through an exposed exploit endpoint.

CVE-2018-25332

13h agoNIST NVD