Skip to content

Network-25409: Global Secure Access Web content filtering controls internet access based on website categories #745

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
ashwinikarke wants to merge 9 commits into
base: main
Choose a base branch
from
Open

Network-25409: Global Secure Access Web content filtering controls internet access based on website categories #745

ashwinikarke wants to merge 9 commits into from
+323 −0

Conversation

@ashwinikarke
Copy link
Collaborator

@ashwinikarke ashwinikarke commented Jan 6, 2026

No description provided.

@ashwinikarke ashwinikarke self-assigned this Jan 6, 2026
@ashwinikarke ashwinikarke marked this pull request as ready for review January 8, 2026 08:50
@alexandair alexandair requested a review from Copilot January 8, 2026 08:50
Copilot AI reviewed Jan 8, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This pull request adds a new test (Test-Assessment.25409) for validating web content filtering policies based on website categories in Global Secure Access. The test checks whether webCategory rules are configured and properly applied through either the Baseline Profile or security profiles linked to active Conditional Access policies.

Key Changes

  • Adds comprehensive test logic to validate web content filtering by website categories
  • Implements detailed reporting with markdown tables showing filtering policies, profiles, and Conditional Access linkages
  • Includes proper error handling for Graph API calls

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File Description
src/powershell/tests/Test-Assessment.25409.ps1 New PowerShell test function that queries filtering policies and profiles, validates webCategory rules, checks Baseline and Security Profile configurations, and generates detailed markdown reports
src/powershell/tests/Test-Assessment.25409.md Documentation explaining the security risks of not having web content filtering and providing remediation guidance with links to Microsoft Learn articles

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@ashwinikarke ashwinikarke changed the title Network-25409: Adding test Network-25409: Global Secure Access Web content filtering controls internet access based on website categories Jan 8, 2026
@ashwinikarke ashwinikarke requested a review from merill January 8, 2026 10:32
alexandair
alexandair reviewed Jan 8, 2026
View reviewed changes
Copy link
Collaborator

@alexandair alexandair left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ashwinikarke Please, address my feedback.

src/powershell/tests/Test-Assessment.25409.ps1 Outdated
$policyName = $wcfPolicy.name

# Get full policy details with rules to check for webCategory
$policyDetails = Invoke-ZtGraphRequest -RelativeUri "networkAccess/filteringPolicies/$policyId`?`$select=id,name,action&`$expand=policyRules" -ApiVersion beta
Copy link
Collaborator

@alexandair alexandair Jan 8, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Where is $select=id,name,action specified in the spec?
I don't see the action property used later?

Copy link
Collaborator Author

@ashwinikarke ashwinikarke Jan 9, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@alexandair I’ve updated it, the spec uses version, not action, so corrected $select to match the spec.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@alexandair alexandair alexandair left review comments

Copilot code review Copilot Copilot left review comments

@merill merill Awaiting requested review from merill

At least 1 approving review is required to merge this pull request.

Assignees

@ashwinikarke ashwinikarke

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ashwinikarke @alexandair