ScanPosture continuously scans your Microsoft 365 environment for identity security misconfigurations. No security team needed. Results in minutes.
The Problem
Cyber insurers are tightening requirements. If you can't evidence MFA enforcement and access controls, your claim could be voided — even if you're paying the premium.
Enterprise clients and public sector contracts increasingly require Cyber Essentials certification. Without visibility into your identity posture, you can't answer their security questionnaires.
Most SMBs have no idea who has admin access, which accounts lack MFA, or what OAuth apps have been granted permissions. You can't fix what you can't see.
What We Scan
MFA gaps, privileged role sprawl, inactive admin accounts, PIM configuration, conditional access policy gaps.
Stale accounts, dormant users, guest access without review, legacy authentication, self-service password reset gaps.
OAuth apps with excessive permissions, service principals with owner-level access, AI agent OAuth grants, managed identity risks.
SharePoint anonymous links, Exchange mail forwarding rules, Teams external access, DMARC and DKIM configuration.
Compares every scan against the last. Flags new Global Admins, removed MFA registrations, changed conditional access policies.
Every finding mapped to Cyber Essentials, ISO 27001, UK GDPR, and cyber insurance requirements. Evidence pack on demand.
Platform Coverage
ScanPosture starts with Microsoft 365 and Azure AD — the identity layer for most UK SMBs. More platforms coming as we grow.
Security Checks
103+ security checks across authentication, access control, apps, and compliance. Every finding includes severity, compliance mapping, and fix instructions.
3 of your 5 Global Administrator accounts have no MFA registered. A compromised admin account gives an attacker full control of your Microsoft 365 environment.
2 mailboxes have active forwarding rules sending copies of all email to external addresses. This is a common indicator of account compromise.
Legacy authentication protocols are enabled, allowing sign-ins that bypass MFA. This is how most Microsoft 365 accounts are compromised.
Your SharePoint tenant allows 'Anyone' links — files shared this way are accessible to anyone on the internet without authentication.
14 guest accounts have had access for over 90 days with no review. Former contractors and partners may still have access to your data.
Sign-in risk policies are not enforced. High-risk sign-ins from unusual locations are not being blocked or challenged.
Plus 97 more checks covering MFA quality, conditional access gaps, stale accounts, app credentials, tenant configuration, and identity risk detection.
Compliance
ScanPosture maps every finding to the frameworks your business actually needs to comply with.
Cyber Essentials: UK Government Scheme
Cyber Insurance: Insurer Requirements
ISO 27001: Information Security
UK GDPR: Data Protection
NIST CSF: Cybersecurity Framework
SRA: Solicitors Regulation
Insurers are tightening identity security requirements. Claims are being challenged when organisations can’t evidence MFA enforcement, privileged access controls, and conditional access policies. ScanPosture gives you continuous proof that your controls are in place.
Simple Pricing
Enterprise security scanning at a fraction of the cost.
One-off assessment
Continuous scanning
From £250/month for 100 users
£2.00/user at 101+ · £1.50/user at 501+
Save 10% with annual billing
Full IAM platform
How It Works
Connect your Microsoft 365 tenant in under 2 minutes. Read-only permissions. No agents to install.
ScanPosture runs 103+ security checks across your Azure AD, users, apps, and configurations.
Every finding comes with plain English remediation steps and direct links to the Azure portal — no security expertise required.
Daily scans detect drift. Get alerted when something changes. Track your security score improving over time.
Built by Practitioners
Built by enterprise infrastructure practitioners with 30+ years of experience securing identity environments for organisations including NHS trusts, insurers, and financial services firms. We built ScanPosture because we saw the same Azure AD misconfigurations at every SMB we worked with — and no tool existed at a price they could afford.
Roadmap
Beta live: Scanning Microsoft 365 and Azure AD
103+ security checks: Identity, access, apps, compliance
Compliance mapping: Cyber Essentials, ISO 27001, GDPR
Access reviews & MSP portal: Coming soon
AWS IAM & Google Workspace: On the roadmap
Be among the first UK businesses to know exactly who can access what.
Free during beta · No credit card required