O365Validatorby Trifident

Demo Assessment

This is sample data for demonstration purposes. Connect your Microsoft 365 tenant to run a real assessment.

Back to Home

Assessment Results
DEMO

Demo Company - democompany.onmicrosoft.com

2h ago
Status: completed

Security Score

0out of 100
Grade D

Below average, attention needed

Demo Company

democompany.onmicrosoft.com

Modern MFA

All users protected

Total Users

165

Guest Users

34

Global Admins
4
Admin Account
Mike Chen
Emergency Admin
IT Service

CA Policies

6

Users at Risk
7
John Smith
Sarah Johnson
Bob Wilson
Alice Brown
Carol Davis
David Miller
Emma Wilson

Summary

3Critical
7High
5Medium
2Low
45Passed
0N/A

Remediation Estimate

Time and cost to fix all identified issues

Save with Pro

9.9

Man-Hours

Critical:3h
High:5.2h
Medium:1.3h
Low:0.4h

$1,970

Estimated Cost

Low ($150/hr):$1,478
Mid ($200/hr):$1,970
High ($250/hr):$2,463
Pro Auto-Fix

3 issues

can be auto-fixed

Category Breakdown

Security posture by service area

Identity & Access

Entra ID Security

31 passed
17 failed
0%
48 total checks

Email Security

Exchange Online

21 passed
7 failed
0%
28 total checks

Threat Protection

Microsoft Defender

9 passed
9 failed
0%
18 total checks

Teams & Meetings

Microsoft Teams

10 passed
2 failed
0%
12 total checks

File Sharing

SharePoint & OneDrive

16 passed
4 failed
0%
20 total checks

Apps & Automation

Power Platform

8 passed
2 failed
0%
10 total checks

Device Management

Microsoft Intune

4 passed
2 failed
0%
6 total checks

Data Governance

Microsoft Purview

No check data available
0%
Re-run assessment to collect data

Security Findings

17 issues
Filter:

3 issues can be auto-fixed

PRO

Save hours of manual work with one-click automated remediation

CRITICAL
MS.AAD.1.1

Legacy authentication not blocked

No Conditional Access policy blocks legacy authentication protocols. 142 users may be using outdated authentication methods.

30 minutes
CRITICAL
MS.AAD.7.4

Suspicious OAuth apps detected

2 applications with suspicious permission patterns detected. These apps have sensitive permissions but lack verified publisher status.

30 minutes
CRITICAL
MS.AAD.3.8

MFA not enforced for all users

23 of 165 users (14%) do not have MFA enforced. These accounts are vulnerable to credential-based attacks.

1 hour
HIGH
MS.AAD.6.1

Review Global Administrator count

4 Global Administrator accounts detected. While within limits, consider using least-privilege roles.

15 minutes
HIGH
MS.AAD.7.1

User consent to apps enabled

User consent is enabled, allowing users to grant OAuth permissions to third-party apps without admin review.

10 minutes
HIGH
MS.AAD.7.5

Recent OAuth grants need review

1 OAuth permission grant in the last 30 days. Review to ensure these are legitimate business applications.

20 minutes
HIGH
MS.EXO.4.1

External forwarding allowed

External mail forwarding is not blocked. 3 mailbox forwarding rules sending mail to external addresses.

15 minutes
HIGH
MS.AAD.5.3

Synced privileged accounts detected

2 accounts with privileged roles are synced from on-premises Active Directory, increasing attack surface.

2 hours