Services Security Assessment
Entry point · All audiences

Microsoft 365 Tenant
Security Assessment

A structured, independent review of your current security posture. Know exactly what's exposed, what's misconfigured, and what to address first — within 5 working days. Fixed price. No obligation to proceed further.

Delivery5 working days
FormatRemote · Read-only access
Suitable forAll environments · BP · E3 · E5
Starting fromUSD $1,200

What the assessment covers

The assessment examines six areas of your Microsoft 365 tenant using read-only delegated access. No changes are made during the review. The output is a prioritised findings report with clear remediation guidance.

01
Identity exposure

Sign-in risk events, accounts with MFA not registered, legacy authentication still active, risky sign-in patterns, service account exposure, and guest account inventory review.

02
Conditional Access posture

Policy coverage gaps — what's excluded, what's not enforced, what's in report-only. Sign-in scenarios falling outside all policies. Admin vs user policy separation.

03
Privileged role review

Global Admin count and usage pattern review. Permanent vs eligible assignments. Non-human accounts in privileged roles. Break-glass account configuration.

04
Mail security posture

Anti-phishing configuration, Safe Links and Safe Attachments deployment, SPF/DKIM/DMARC alignment, mail flow rule review for bypass patterns.

05
Defender readiness

Defender for Endpoint onboarding coverage, Defender for Office 365 configuration, Identity integration status, Cloud App Security signal review where licensed.

06
Compliance visibility

Microsoft Secure Score analysis, Compliance Manager posture, audit log enablement, DLP policy coverage, and basic data classification posture.

What you receive

Written findings report

A structured document covering every finding with severity classification, plain-language explanation of the risk, and specific remediation guidance. No 80-page generic framework report — a concise, actionable document written for your environment.

Prioritised remediation roadmap

Findings ranked by risk priority with a suggested sequence — addressing the highest-risk items first without disrupting operations. Practical, not theoretical.

Findings walkthrough session

A 60–90 minute video call walking through every finding, explaining the rationale, and answering questions from you and your team. Recorded if you need it for internal stakeholder sharing.

Licensing capability note

Where a finding could be addressed within your current license at no additional cost, that's noted. Where an upgrade would meaningfully change the outcome, that's included — with honest context on whether it's worth it.

How the process works

1
Initial 30-min call

Understand your environment, your team's capacity, and your primary concerns. No technical access required at this stage.

2
Read-only delegated access

A guest Security Reader account is provisioned in your tenant. Read-only. No changes made. Removed after assessment delivery.

3
Tenant review — 2–3 days

Assessment conducted across all six areas. Findings documented with severity ratings and remediation guidance written specifically for your environment.

4
Findings delivery and walkthrough

Written report delivered, followed by a 60–90 minute walkthrough session. Questions answered. Next steps discussed.

Starting from
USD $1,200
₹1,00,000
Fixed price · 5-day delivery · All M365 plans
Book a free scoping call Send a message instead
Good for
Solo business owners on Microsoft 365
SMBs with 10–500 users
IT managers inheriting an existing tenant
Organisations before a compliance review
Teams considering a larger security engagement
Related case study

Assessment-led engagement in healthcare

Named client · US
Bronzeville Healthcare Solutions Inc
Healthcare services · US · 200–350 users

Assessment identified shared workstation exposure, incomplete MFA rollout, and permanent privileged assignments as the three highest-risk areas. Remediation followed assessment delivery using findings as the architectural brief.

View all case studies →

Ready to find out where
you actually stand?

Book a free 20-minute call. No technical preparation needed — just describe your environment and what's prompted you to look at security now.