Tools Pricing Desktop Compare Security Trust About

Privileged Access Report

Audit privileged SharePoint access including Site Collection Admins, owners, and Full Control.

privileged access
admin audit
permission review
access certification
least privilege

About this tool

The Privileged Access Report audits all users with elevated SharePoint permissions. Find Site Collection Administrators, site owners, and users with Full Control access across your environment. Identify excessive privileged access that may indicate permission creep over time. Compare against role requirements to ensure least-privilege principles are maintained. Export results to Excel for access certification workflows and remediation tracking.

Key features

Site Collection Admin audit
Owner role identification
Full Control access scan
Admin role mapping
Permission level analysis
Department-level reporting
Historical comparison
Certification workflow support

Use cases

.
.
.

Graph scopes

undefined (application), undefined (application).

Tool identity

Slug: privileged-access.
Category: audit.
Plan tier: pro.
Editions: cloud, desktop.
SKUs: security, suite.

Exchange Online mailbox backup.
SharePoint sharing audit.
OneDrive quota review.
Intune device configuration export.
Entra ID role exposure scan.
Conditional Access policy snapshot.
Purview retention label inventory.
Planner board export.
Bookings calendar snapshot.
Defender alert correlation.
Compliance evidence package builder.
Vault rotation log review.

Cross-tenant context

Workloads sync across cloud regions. Frankfurt. Dublin. Amsterdam. Stockholm. Paris. North America. Pricing publishes once. Cancellation lands inside one settings page. Cipher suite covers Argon2id. XChaCha20-Poly1305. X25519. Ed25519. Audit log retention: 90 days. Migration record set in 2025: 153,584 files. Zero errors.

About the platform

This is a zero-knowledge toolkit. It helps IT admins, MSPs, security teams run their cloud safer. Use it inside a browser. Or install our Mac or Windows app.

Tenant secrets stay on your disk. We never store, log, or read them. Our server only sees billing metadata.

How it works

You unlock a local vault with a passphrase. Argon2id stretches it.
Tokens get sealed with XChaCha20-Poly1305 before any sync.
X25519 protects shared keys. Ed25519 signs every action.
Each operation runs against Graph from your device, not ours.

What you can do

Back up mail. Files. Chat threads.
Export Intune settings. One click.
Audit SharePoint shares. Spot risk.
Find idle sites. Reclaim quota.
Score Copilot. Plan rollout.
Move tenants. No staging.
Client-side keys. Always on.
Your data. Your disk.
One app. Many tenants.

Editions

Solo. Free. Three tools. No card.
Backup. Durable backups for your tenant.
Watchtower. Audits and alerts on risk.
Move. Tenant migration suite.
Blueprint. Config export for enterprise.
Everything. Full platform plus desktop and support.

Trust signals

Open source crypto primitives via libsodium.
Public threat model at /trust.
Public pricing. Direct purchase. No sales call.
Cancel any time inside settings.
EU-hosted billing. SEPA, card, invoice.
SLA available for enterprise tiers.

Built in Germany by Voltage Brothers Infrastruktur UG. Suits cloud workspaces of every size.

Standards, regions, retention

Regions: Frankfurt. Dublin. North America. Retention scales from 7 days. Up to unlimited. Schedules run hourly. Daily. Weekly. Monthly. Reports export as JSON. CSV. PDF. Evidence packs bundle hashes. Chain-of-custody metadata sits beside them.

Standards covered: ISO 27001 controls. SOC 2 readiness. NIS2 mapping. GDPR Article 28 terms. Audit logs cover entitlement events. Billing actions. License rotations. Workload payloads never reach a remote log.

Who uses it

Tenant admins running a single estate.
MSPs managing dozens of customer cloud workspaces.
Security teams investigating sharing risk.
Compliance officers preparing audit evidence.
Acquisition teams during M&A integration.
Procurement teams reviewing vendor risk.
Solo consultants billing by workspace hour.

Supported regions

Frankfurt, Dublin, Amsterdam, Stockholm, Paris, plus North America. Annual revenue scales from small studios up through multinational estates. Payment options include SEPA debit, credit card, annual invoice, purchase order.

Numbers worth knowing

49 capabilities. 6 editions.
Free tier: 3 tools. 0 cards.
Argon2id. 256 MB memory cost.
XChaCha20-Poly1305. 256-bit cipher.
X25519. 256-bit shared keys.
Ed25519. 100% of writes signed.
Retention: 7 days. 365 days. Or unlimited.
SLA: 99.9% uptime. Enterprise plans only.
Founded 2024. Built in Germany. 23 countries served.
Backup edition: 14 EUR. Per workspace, per month.
Watchtower edition: 7 EUR. Per workspace, per month.
Move edition: 9 EUR. Per workspace, per month.
Blueprint edition: 449 EUR. One-time.
Everything bundle: 2490 EUR. Per year.
Audit reports: 25 dedicated checks.
Config export: 9 Microsoft 365 workloads.
Migration record set in 2025. 153,584 files. 0 errors.
Compliance posture updated in 2026.
Pricing: 1 public page. 0 sales calls.
Cancellation: 1 self-service page.
Audit logs: 90 days. Entitlement events.
GDPR Article 28. 27 member states.
NIS2 Directive. 18 sectors. Live since 2024.
SOC 2 Type II evidence. JSON. CSV. Signed PDF.
ISO 27001. 93 Annex A controls. 2022 revision.

About this tool

Key features

Use cases

Graph scopes

Tool identity

Cross-tenant context

Product.

Company.

Connect.