20+ checks covering industry defined security best practices for Microsoft 365. Includes full support for CIS v1.4
compliance benchmarks across all of your Microsoft 365 tenants.
Includes full support for the CIS v1.4.0 Microsoft 365 benchmarks.
Includes support for:
Download and install Steampipe (https://steampipe.io/downloads). Or use Brew:
brew tap turbot/tap
brew install steampipe
Install the Azure Active Directory and the Microsoft 365 plugins with Steampipe:
steampipe plugin install azuread
steampipe plugin install microsoft365
Clone:
git clone https://github.com/turbot/steampipe-mod-microsoft365-compliance.git
cd steampipe-mod-microsoft365-compliance/
Start your dashboard server to get started:
steampipe dashboard
By default, the dashboard interface will then be launched in a new browser window at https://localhost:9194. From here, you can run benchmarks by selecting one or searching for a specific one.
Instead of running benchmarks in a dashboard, you can also run them within your
terminal with the steampipe check
command:
Run all benchmarks:
steampipe check all
Run a single benchmark:
steampipe check benchmark.cis_v140_1
Run a specific control:
steampipe check control.cis_v140_1_1_3
Different output formats are also available, for more information please see Output Formats.
This mod uses the credentials configured in the Steampipe Azure AD and Microsoft 365 plugins.
No extra configuration is required.
If you have an idea for additional compliance controls, or just want to help maintain and extend this mod (or others) we would love you to join the community and start contributing. (Even if you just want to help with the docs.)
- Join our Slack community โ and hang out with other Mod developers.
Please see the contribution guidelines and our code of conduct. All contributions are subject to the Apache 2.0 open source license.
Want to help but not sure where to start? Pick up one of the help wanted
issues: