ENTRAGUARD

Observation and audit platform for your Microsoft Entra ID tenant.

01 / What you get

Seven focused modules

Each module covers one part of the audit lifecycle. No unused features cluttering the interface.

01 / LAUNCH

Start audit

Pick a baseline and run the audit. Parallel execution against Microsoft Graph. Real-time score donut, live findings as they appear.

Baselines Real-time Parallel
02 / CATALOG

Audit controls

Browse the full 253 CIS controls catalog. Filter by CIS level, M365 service, status. Inspect remediation steps and Microsoft Learn references.

CIS v6.0.1 Filters Remediation
03 / TRIAGE

Recommendations

Findings ranked by severity (FAIL / WARN). Mapped to CIS reference and M365 service. Each finding includes the actionable remediation steps.

Prioritized Severity CIS-mapped
04 / EVENTS

Audit events

Microsoft Entra directoryAudits journal. Configuration changes, role updates, app creations. Full Graph payload available per event.

directoryAudits Drawer Raw JSON
05 / ACCESS

Recent sign-ins

Recent sign-in logs: successes, failures, CA blocks, MFA challenges. Source IP, geolocation, client application. Filter and export.

Sign-in logs CA blocks Geolocation
06 / BEST PRACTICES

Checklist

23 high-priority items covering MFA, PIM, applications, CA, monitoring, external access. Synchronizable with audit results. Microsoft Learn links per step.

23 items Synced MS Learn
07 / TRACK

History

Local audit history. Compliance score trend over the last 10 runs. Reload past audits, export individual runs, monitor your posture progression.

Local-only Trend chart Re-load runs
Coming next

Zero Trust posture score, SCuBA baselines, multi-tenant management.

02 / Smart baselines

Pick the right control set

Five preset baselines cover the most common audit scenarios. One click selects the relevant controls.

Baseline Controls Target Time
Quick
15 First diagnostic, fast verification, periodic check ~5 min
CIS L2
56 Hardened controls for regulated industries ~6 min
Zero Trust
128 Identity-focused controls aligned with Microsoft ZT ~9 min
Full
253 Complete CIS Microsoft 365 catalog audit ~15 min
03 / Coverage

12 Microsoft 365 services covered

Every control is mapped to one of the 12 core M365 services. The catalog is updated with each CIS Benchmark release.

Entra ID
62 controls
Conditional Access
28 controls
SharePoint
24 controls
Exchange Online
31 controls
Teams
19 controls
OneDrive
14 controls
Defender
22 controls
Intune
18 controls
Purview
16 controls
Copilot
7 controls
Power Platform
8 controls
M365 (general)
4 controls
04 / Reporting

Six export formats, one click each

Each audit can be exported in the format your audience needs — from the board to the SIEM.

PDF
Executive report

Multi-page formatted report with score, breakdown by service, top findings, and remediation summary.

For: Board · Management · Auditors
XLSX
Working spreadsheet

Full audit data in tabular form. Filterable columns, ready for pivot tables and team workflows.

For: IT team · Action tracking
HTML
Interactive report

Standalone HTML with searchable findings, KPIs, severity filter, drawer for raw data. Print-friendly.

For: Wiki · Internal sharing
JSON
Raw structured data

Machine-readable audit output. Integrate with SIEM, ticketing system, or compliance tracking platform.

For: SIEM · Automation · APIs
CSV
Flat table

Lightweight comma-separated format. Universal compatibility with any spreadsheet or analytics tool.

For: Archives · Custom analytics
TXT
Plain text summary

Compact, human-readable summary. Perfect for ticket descriptions, email attachments, or quick scanning.

For: Tickets · Email · Notes
05 / Permissions

Read-only by design

Minimal Microsoft Graph permissions, all read-only. No write permissions are ever requested or granted. Period.

All permissions below are read-only. Entra GUARD cannot create, modify, or delete anything in your tenant.

READUser.Read.All
READApplication.Read.All
READDirectory.Read.All
READAuditLog.Read.All
READPolicy.Read.All
READRoleManagement.Read.Directory
READUserAuthenticationMethod.Read.All
READSecurityEvents.Read.All
READGroup.Read.All
READReports.Read.All
READOrganization.Read.All
READAccessReview.Read.All
06 / Comparison

vs Microsoft Secure Score

Both are valuable. They measure different things. Here's the honest breakdown.

Criterion Microsoft Secure Score Entra GUARD
Number of checks ~80 (varies by license) 253 (CIS v6.0.1)
Reference standard Microsoft-defined CIS Microsoft 365 Benchmark
Severity breakdown Single score FAIL / WARN / MANUAL / SKIPPED
Service mapping Limited 12 M365 services tagged
Preset baselines None 5 (Quick · L1 · L2 · ZT · Full)
Remediation per finding Generic steps Per-control, with MS Learn links
Export formats CSV / Excel PDF · XLSX · HTML · JSON · CSV · TXT
Data location Microsoft cloud 100% browser, never transmitted
Use case Continuous baseline tracking Deep audit + actionable plan

We recommend using both. Secure Score for daily tracking, Entra GUARD for in-depth audits and compliance evidence.

See it for yourself

Try Entra GUARD on a demo tenant

Test all seven modules with a fictitious tenant. No sign-up. No data shared. Free.