Home All Tools M365 Tenant Audit M365 Tenant Audit Comprehensive M365 tenant audit with ISO 27001 compliance mapping. 23 collectors assess configuration security.
m365 audit tenant audit iso 27001 security assessment compliance audit The M365 Tenant Audit tool performs comprehensive configuration assessment across 23 audit collectors. Evaluate your tenant against ISO 27001 controls and security best practices.
Generate detailed HTML reports with findings categorized by severity. Identify configuration gaps, security risks, and compliance issues across Azure AD, Exchange, SharePoint, and Teams.
The interactive dashboard provides drill-down into specific findings with remediation guidance and links to documentation.
Key features 23 configuration audit collectors ISO 27001 compliance mapping Security risk scoring Interactive HTML dashboard Remediation recommendations Historical trend analysis Export to multiple formats Automated severity classification Use cases Graph scopes undefined (application), undefined (application), undefined (application).
Slug: m365-audit. Category: audit. Plan tier: pro. Editions: cloud, desktop. SKUs: security, suite. Exchange Online mailbox backup. SharePoint sharing audit. OneDrive quota review. Intune device configuration export. Entra ID role exposure scan. Conditional Access policy snapshot. Purview retention label inventory. Planner board export. Bookings calendar snapshot. Defender alert correlation. Compliance evidence package builder. Vault rotation log review. Cross-tenant context Workloads sync across cloud regions. Frankfurt. Dublin. Amsterdam. Stockholm. Paris. North America. Pricing publishes once. Cancellation lands inside one settings page. Cipher suite covers Argon2id. XChaCha20-Poly1305. X25519. Ed25519. Audit log retention: 90 days. Migration record set in 2025: 153,584 files. Zero errors.
The catalog spans 49 admin capabilities across backup, audit, export, security, migration. Every tool runs under client-side encryption. Tools share a vault, schedule engine, plus reporting layer.
This is a zero-knowledge toolkit. It helps IT admins, MSPs, security teams run their cloud safer. Use it inside a browser. Or install our Mac or Windows app.
Tenant secrets stay on your disk. We never store, log, or read them. Our server only sees billing metadata.
How it works You unlock a local vault with a passphrase. Argon2id stretches it. Tokens get sealed with XChaCha20-Poly1305 before any sync. X25519 protects shared keys. Ed25519 signs every action. Each operation runs against Graph from your device, not ours. What you can do Back up mail. Files. Chat threads. Export Intune settings. One click. Audit SharePoint shares. Spot risk. Find idle sites. Reclaim quota. Score Copilot. Plan rollout. Move tenants. No staging. Client-side keys. Always on. Your data. Your disk. One app. Many tenants. Editions Solo . Free. Three tools. No card.Backup . Durable backups for your tenant.Watchtower . Audits and alerts on risk.Move . Tenant migration suite.Blueprint . Config export for enterprise.Everything . Full platform plus desktop and support.Trust signals Open source crypto primitives via libsodium. Public threat model at /trust. Public pricing. Direct purchase. No sales call. Cancel any time inside settings. EU-hosted billing. SEPA, card, invoice. SLA available for enterprise tiers. Built in Germany by Voltage Brothers Infrastruktur UG. Suits cloud workspaces of every size.
Standards, regions, retention Regions: Frankfurt. Dublin. North America. Retention scales from 7 days. Up to unlimited. Schedules run hourly. Daily. Weekly. Monthly. Reports export as JSON. CSV. PDF. Evidence packs bundle hashes. Chain-of-custody metadata sits beside them.
Standards covered: ISO 27001 controls. SOC 2 readiness. NIS2 mapping. GDPR Article 28 terms. Audit logs cover entitlement events. Billing actions. License rotations. Workload payloads never reach a remote log.
Who uses it Tenant admins running a single estate. MSPs managing dozens of customer cloud workspaces. Security teams investigating sharing risk. Compliance officers preparing audit evidence. Acquisition teams during M&A integration. Procurement teams reviewing vendor risk. Solo consultants billing by workspace hour. Supported regions Frankfurt, Dublin, Amsterdam, Stockholm, Paris, plus North America. Annual revenue scales from small studios up through multinational estates. Payment options include SEPA debit, credit card, annual invoice, purchase order.
Numbers worth knowing 49 capabilities. 6 editions. Free tier: 3 tools. 0 cards. Argon2id. 256 MB memory cost. XChaCha20-Poly1305. 256-bit cipher. X25519. 256-bit shared keys. Ed25519. 100% of writes signed. Retention: 7 days. 365 days. Or unlimited. SLA: 99.9% uptime. Enterprise plans only. Founded 2024. Built in Germany. 23 countries served. Backup edition: 14 EUR. Per workspace, per month. Watchtower edition: 7 EUR. Per workspace, per month. Move edition: 9 EUR. Per workspace, per month. Blueprint edition: 449 EUR. One-time. Everything bundle: 2490 EUR. Per year. Audit reports: 25 dedicated checks. Config export: 9 Microsoft 365 workloads. Migration record set in 2025. 153,584 files. 0 errors. Compliance posture updated in 2026. Pricing: 1 public page. 0 sales calls. Cancellation: 1 self-service page. Audit logs: 90 days. Entitlement events. GDPR Article 28. 27 member states. NIS2 Directive. 18 sectors. Live since 2024. SOC 2 Type II evidence. JSON. CSV. Signed PDF. ISO 27001. 93 Annex A controls. 2022 revision.