Observation and audit platform for your Microsoft Entra ID tenant.
A focused, audit-only platform built around the CIS Microsoft 365 Benchmark v6.0.1. No bloat. No telemetry. No data leaving your browser.
Each module covers one part of the audit lifecycle. No unused features cluttering the interface.
Pick a baseline and run the audit. Parallel execution against Microsoft Graph. Real-time score donut, live findings as they appear.
Browse the full 253 CIS controls catalog. Filter by CIS level, M365 service, status. Inspect remediation steps and Microsoft Learn references.
Findings ranked by severity (FAIL / WARN). Mapped to CIS reference and M365 service. Each finding includes the actionable remediation steps.
Microsoft Entra directoryAudits journal. Configuration changes, role updates, app creations. Full Graph payload available per event.
Recent sign-in logs: successes, failures, CA blocks, MFA challenges. Source IP, geolocation, client application. Filter and export.
23 high-priority items covering MFA, PIM, applications, CA, monitoring, external access. Synchronizable with audit results. Microsoft Learn links per step.
Local audit history. Compliance score trend over the last 10 runs. Reload past audits, export individual runs, monitor your posture progression.
Zero Trust posture score, SCuBA baselines, multi-tenant management.
Five preset baselines cover the most common audit scenarios. One click selects the relevant controls.
| Baseline | Controls | Target | Time |
|---|---|---|---|
|
Quick
|
15 | First diagnostic, fast verification, periodic check | ~5 min |
|
CIS L1
Recommended
|
197 | Production baseline for most M365 tenants | ~12 min |
|
CIS L2
|
56 | Hardened controls for regulated industries | ~6 min |
|
Zero Trust
|
128 | Identity-focused controls aligned with Microsoft ZT | ~9 min |
|
Full
|
253 | Complete CIS Microsoft 365 catalog audit | ~15 min |
Every control is mapped to one of the 12 core M365 services. The catalog is updated with each CIS Benchmark release.
Each audit can be exported in the format your audience needs — from the board to the SIEM.
Multi-page formatted report with score, breakdown by service, top findings, and remediation summary.
Full audit data in tabular form. Filterable columns, ready for pivot tables and team workflows.
Standalone HTML with searchable findings, KPIs, severity filter, drawer for raw data. Print-friendly.
Machine-readable audit output. Integrate with SIEM, ticketing system, or compliance tracking platform.
Lightweight comma-separated format. Universal compatibility with any spreadsheet or analytics tool.
Compact, human-readable summary. Perfect for ticket descriptions, email attachments, or quick scanning.
Minimal Microsoft Graph permissions, all read-only. No write permissions are ever requested or granted. Period.
All permissions below are read-only. Entra GUARD cannot create, modify, or delete anything in your tenant.
Both are valuable. They measure different things. Here's the honest breakdown.
| Criterion | Microsoft Secure Score | Entra GUARD |
|---|---|---|
| Number of checks | ~80 (varies by license) | 253 (CIS v6.0.1) |
| Reference standard | Microsoft-defined | CIS Microsoft 365 Benchmark |
| Severity breakdown | Single score | FAIL / WARN / MANUAL / SKIPPED |
| Service mapping | Limited | 12 M365 services tagged |
| Preset baselines | None | 5 (Quick · L1 · L2 · ZT · Full) |
| Remediation per finding | Generic steps | Per-control, with MS Learn links |
| Export formats | CSV / Excel | PDF · XLSX · HTML · JSON · CSV · TXT |
| Data location | Microsoft cloud | 100% browser, never transmitted |
| Use case | Continuous baseline tracking | Deep audit + actionable plan |
We recommend using both. Secure Score for daily tracking, Entra GUARD for in-depth audits and compliance evidence.
Test all seven modules with a fictitious tenant. No sign-up. No data shared. Free.