Microsoft-first · Entra ID · Read-only

One operating layer for Microsoft 365 security posture

ScanPosture connects read-only to Microsoft 365 and Entra ID, assesses observable control posture, prioritises remediation, monitors drift, and keeps evidence current between reviews.

Read-only OAuth connection  ·  No agents  ·  No password collection  ·  No tenant changes during scanning

One page for what changed, what matters, and what you can evidence

Score movement, open findings, priority actions, framework readiness, and what changed between completed scans — on one page.

Dashboard preview (demo.scanposture.com/dashboard): security posture overview with panels for the overall score, open findings by severity, scan coverage, Top Actions to Improve Your Score, and What Changed This Scan.

Microsoft 365 posture is hard to evidence from admin centres alone

Security-relevant settings live across multiple Microsoft portals, policies, users, groups, applications, collaboration controls, audit settings, and device signals. Reviews become slow, inconsistent, and difficult to evidence.

Fragmented visibility

Important posture signals are spread across Entra ID, Microsoft 365 admin surfaces, security settings, collaboration controls, and device posture.

Weak prioritisation

Raw findings do not tell teams what to fix first. ScanPosture focuses attention on control weakness, severity, and estimated posture impact.

Stale evidence

Screenshots and spreadsheets age quickly. Recurring scans create evidence that can be refreshed and compared over time.

More than a dashboard

ScanPosture helps teams understand control weakness, prioritise remediation, monitor drift, and produce evidence that stays current.

Understand control weakness

Readable posture across identity, access, applications, collaboration, logging, and device controls.

Prioritise what matters

Severity, control impact, and estimated score movement help teams focus on the highest-value remediation first.

Keep evidence current

Repeatable scans, readiness mapping, and historical outputs replace stale screenshots and ad-hoc spreadsheets.

From connection to evidence, in four steps

  1. Connect Microsoft 365 (OAuth · Read-only): Read-only OAuth consent. No agent. No password collection.
  2. Run a posture scan (201 checks): ScanPosture assesses observable controls across Microsoft 365 and Entra ID.
  3. Review risk and readiness (Score · Actions): See posture score, priority actions, framework readiness, and what changed.
  4. Maintain assurance (Drift · Trend): Refresh evidence, monitor drift, and track improvement over time.

Posture score, open findings, and what changed this scan

ScanPosture turns technical signals into a readable posture view, including open findings, priority actions, affected controls, framework readiness, and movement between completed scans.

Every completed scan produces

  • Overall ScanPosture score
  • Open findings by severity
  • Priority actions
  • Affected controls
  • Framework readiness
  • What changed since the previous completed scan
  • Evidence and report outputs

Priority actions with remediation detail

ScanPosture highlights the actions most likely to improve the overall ScanPosture score. Each action links to the affected control, severity, evidence, and remediation guidance.

  • CRITICAL · Require MFA for all users · Identity & Authentication
  • HIGH · Block legacy authentication · Conditional Access
  • HIGH · Review privileged role assignments · Privileged Access
  • MEDIUM · Restrict anonymous sharing · Data Access & Collaboration

Estimated impact on overall ScanPosture score shown — not on any individual framework readiness view.

What changed since the last completed scan

Every scan is compared against the previous completed scan, so teams can see what is new, what returned, what was resolved, and what changed.

New

First detected in the latest completed scan.

Returned

Seen historically before, absent in the previous completed scan, present again now.

Resolved

Present in the previous completed scan, absent from the latest completed scan.

Changed

An existing finding or control state changed in severity, evidence, scope, or affected objects.

Evidence that refreshes itself

Replace point-in-time screenshots with structured evidence that can be refreshed for leadership, customers, insurers, procurement reviews, and internal governance.

Readiness views show observable technical alignment within ScanPosture’s assessment scope. They do not certify compliance.

Report outputs

  • Executive posture reports
  • Framework readiness summaries
  • Evidence snapshots
  • Remediation history
  • Scan comparison outputs
  • Exportable findings and actions

Read-only access. No agents. No tenant changes.

ScanPosture connects using Microsoft OAuth with read-only permissions. It assesses configuration and posture signals, but does not change policies, users, roles, or tenant settings during scanning.

  • No passwords collected
  • No agent deployment
  • No write permissions for scanning
  • OAuth permissions visible during consent
  • No automatic remediation without explicit future authorisation
  • Tenant connection can be removed

Built for internal IT teams and MSPs

Use ScanPosture to understand posture in your own Microsoft tenant or operate recurring assurance across managed customer environments.

Direct customer

For Microsoft-first organisations

Understand control posture, prioritise remediation, and produce current evidence without relying on spreadsheets or one-off reviews.

Partner

For MSPs

Monitor customer posture, produce recurring evidence, support service reviews, and show improvement across managed tenants.

See what changed, what matters, and what evidence you can defend.

Built for Microsoft-first SMBs and MSPs that need clearer posture evidence without enterprise complexity.

Read-only OAuth · Recurring assurance · No sales script