Microsoft-first · Entra ID · Read-only

One operating layer for Microsoft 365 security posture

Assess Microsoft 365 and Entra ID posture, prioritise remediation, monitor drift, and produce evidence that stays current between reviews.

Read-only OAuth connection  ·  No agents  ·  No password collection  ·  No tenant changes during scanning

One page for what changed, what matters, and what you can evidence

Score movement, open findings, priority actions, framework readiness, and what changed between completed scans — on one page.

[Dashboard preview (demo.scanposture.com/dashboard): security posture overview showing the posture score, open findings by severity, scan coverage, top actions to improve your score with estimated score impact, and what changed this scan compared with the previous completed scan.]

Framework readiness

Eight readiness views, defensibly bounded

Findings re-projected against eight recognised frameworks. Each view shows observable readiness within ScanPosture’s assessment scope — not certification, not audit sign-off.

Cyber Essentials
ISO 27001:2022
GDPR Article 32
NIST CSF 2.0
NIST SP 800-53
CIS Controls v8.1
SOC 2
NCSC CAF 4.0

Observable readiness, not certification or audit outcome.

Microsoft 365 posture is hard to evidence from admin centres alone

Security-relevant settings live across multiple Microsoft portals, policies, users, groups, applications, collaboration controls, audit settings, and device signals. Reviews become slow, inconsistent, and difficult to evidence.

Fragmented visibility

Important posture signals are spread across Entra ID, Microsoft 365 admin surfaces, security settings, collaboration controls, and device posture.

Weak prioritisation

Raw findings do not tell teams what to fix first. ScanPosture focuses attention on control weakness, severity, and estimated posture impact.

Stale evidence

Screenshots and spreadsheets age quickly. Recurring scans create evidence that can be refreshed and compared over time.

Built differently to do this properly

A control-assurance operating layer for Microsoft 365 — not another scanner, not a static report, and not yet another dashboard.

Control model, not raw checklist

Findings are weighted by control impact and posture-score movement, so teams focus on the changes that actually move readiness — not the longest issue list.

Drift over snapshots

Each completed scan compares against the previous. New, returned, resolved and changed findings are surfaced explicitly — improvement is provable, not asserted.

Evidence-led, not screenshot-led

Every output is dated, comparable and exportable. Replaces ad-hoc spreadsheets and one-off consultancy reviews with refreshable evidence.

MSP-ready operating layer

The same engine that powers a single tenant powers the multi-tenant fleet view. Branded reports, per-client drift and recurring service evidence are first-class.

From connection to evidence, in four steps

1. Connect Microsoft 365 (OAuth · Read-only)

Read-only OAuth consent. No agent. No password collection.

2. Run a posture scan (201 checks)

ScanPosture assesses observable controls across Microsoft 365 and Entra ID.

3. Review risk and readiness (Score · Actions)

See posture score, priority actions, framework readiness, and what changed.

4. Maintain assurance (Drift · Trend)

Refresh evidence, monitor drift, and track improvement over time.

Every completed scan

Posture score, open findings, and what changed this scan

ScanPosture turns technical signals into a readable posture view. Each scan produces a structured set of artefacts that teams, leadership, and assessors can act on.

Posture score

A weighted score across 9 control domains, with movement vs the previous completed scan.

Open findings

Grouped by severity (critical / high / medium / low) with affected counts and trend.

Priority actions

Ranked by estimated score impact so teams fix the changes that move readiness most.

Affected controls

Findings rolled up to the control they evidence, across identity, access, apps and audit.

Framework readiness

Eight readiness views — observable alignment within ScanPosture’s assessment scope.

Evidence and reports

Executive summaries, framework readiness packs, evidence snapshots, exportable findings.

Priority actions with remediation detail

ScanPosture highlights the actions most likely to improve the overall ScanPosture score. Each action links to the affected control, severity, evidence, and remediation guidance.

CRITICAL · Require MFA for all users · Identity & Authentication

HIGH · Block legacy authentication · Conditional Access

HIGH · Review privileged role assignments · Privileged Access

MEDIUM · Restrict anonymous sharing · Data Access & Collaboration

Estimated impact on overall ScanPosture score shown — not on any individual framework readiness view.

What changed since the last completed scan

Every scan is compared against the previous completed scan, so teams can see what is new, what returned, what was resolved, and what changed.

New

First detected in the latest completed scan.

Returned

Seen historically before, absent in the previous completed scan, present again now.

Resolved

Present in the previous completed scan, absent from the latest completed scan.

Changed

Existing finding or control state changed severity, evidence, scope, or affected objects.
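
The four drift states defined above can be expressed as set comparisons over scan history. The following is an added example, not ScanPosture's own code: the finding keys, the Finding fields and the sample scans are constructed for illustration, and "changed" is narrowed here to a difference in severity or affected objects.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Finding:
    severity: str
    affected: frozenset  # identifiers of affected objects (hypothetical field)

def classify_drift(scans):
    """Classify drift for the latest scan.

    scans: completed scans, oldest first; each maps a finding key -> Finding.
    Returns a dict with sorted key lists for new/returned/resolved/changed.
    """
    if not scans:
        raise ValueError("need at least one completed scan")
    latest = scans[-1]
    # With a single scan there is nothing to compare against: all are new.
    previous = scans[-2] if len(scans) > 1 else {}
    # Keys seen in any scan older than the previous one.
    seen_before = set().union(*(s.keys() for s in scans[:-2]))
    drift = {"new": [], "returned": [], "resolved": [], "changed": []}
    for key in sorted(latest.keys() | previous.keys()):
        if key in latest and key not in previous:
            # Absent from the previous scan: returned if history knows it.
            drift["returned" if key in seen_before else "new"].append(key)
        elif key in previous and key not in latest:
            drift["resolved"].append(key)
        elif latest[key] != previous[key]:
            # Present in both scans, but severity or affected objects differ.
            drift["changed"].append(key)
    return drift

# Constructed sample history (three completed scans, oldest first).
SAMPLE_SCANS = [
    {"excessive-global-admins": Finding("critical", frozenset({"adm1", "adm2"})),
     "legacy-auth-allowed": Finding("high", frozenset({"tenant"})),
     "inactive-accounts-90d": Finding("high", frozenset({"u1", "u2"}))},
    {"excessive-global-admins": Finding("critical", frozenset({"adm1", "adm2"})),
     "inactive-accounts-90d": Finding("high", frozenset({"u1", "u2"}))},
    {"legacy-auth-allowed": Finding("high", frozenset({"tenant"})),
     "inactive-accounts-90d": Finding("high", frozenset({"u1", "u2", "u3"})),
     "oauth-excessive-consent": Finding("critical", frozenset({"app7"}))},
]

if __name__ == "__main__":
    for state, keys in classify_drift(SAMPLE_SCANS).items():
        print(f"{state:9} {keys}")
```

Keeping the full scan history, not only the previous scan, is what separates "returned" from "new"; a two-scan diff would report a recurring weakness as if it had never been seen.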

Read-only by design

Read-only access. No agents. No tenant changes.

ScanPosture connects via Microsoft OAuth with read-only permissions. Configuration and posture signals are assessed — policies, users, roles and tenant settings are not changed during scanning.

No passwords collected

OAuth-only. ScanPosture never stores or processes Microsoft account passwords.

No agent deployment

Cloud-side only. Nothing to install on endpoints, servers or domain controllers.

No write permissions

Every Microsoft Graph permission ScanPosture asks for is read-scoped. Verifiable in the consent screen.

Visible at consent

Your Global Administrator sees the full permission list before granting access.

No silent remediation

Findings are surfaced. Nothing is automatically changed. Future write actions require explicit authorisation.

Removable connection

Customers can revoke ScanPosture’s tenant access at any time from the Microsoft admin centre.

One platform, two operating models

Run posture against your own Microsoft tenant — or operate recurring assurance across every customer tenant you manage.

Partner — fleet view across managed tenants

[Fleet view preview (app.scanposture.com/msp): portfolio posture across managed clients over the last 30 days, with critical exposure, aged criticals, clients needing attention, findings closed this week, users protected, and recent scan movement (new, resolved, net).]

Direct customer

For Microsoft-first organisations

Understand control posture, prioritise remediation, and produce current evidence without relying on spreadsheets or one-off reviews.


Partner

For MSPs

Monitor customer posture, produce recurring evidence, support service reviews, and show improvement across managed tenants.


See what changed, what matters, and what evidence you can defend.

Built for Microsoft-first SMBs and MSPs that need clearer posture evidence without enterprise complexity.

From £350 / month · Per Entra user, not per administrator · Ex VAT — cancel any time
