Dattics Tools
Microsoft 365 Security Report
Get a free PDF report on your tenant's security posture: Secure Score, MFA coverage, conditional access, inactive users, apps with critical permissions, and more. No agents, no installations, completely free.
Where should we send the report?
Enter your corporate email. The PDF report will be sent to this address along with the opening password. The email must belong to the same domain as your Microsoft 365 tenant.
Requires Global Administrator or Application Administrator
The next step opens a Microsoft window to grant read-only permissions to Dattics on your tenant. You must complete it with an account that has the Global Administrator or Application Administrator role. No changes will be made to your tenant.
Authorize read access
Report for:
Click the button to authorize us in Microsoft Entra ID. Once permissions are granted, we will automatically generate the report and send it to the email address provided.
Permissions to be requested (read-only)
- Directory.Read.All — Users, groups and roles
- Policy.Read.All — Conditional access policies
- Reports.Read.All — Activity and sign-in reports
- SecurityEvents.Read.All — Secure Score
- AuditLog.Read.All — Audit logs
How do we protect your information?
We use Azure Managed Identities to authenticate to your tenant — no passwords or certificates stored. Tokens are obtained at runtime and never persisted.
You can revoke access at any time: go to Microsoft Entra ID → Enterprise applications, search for Dattics Partner Management and delete it.
What does the report analyze?
Comprehensive security posture analysis based on Microsoft Graph APIs.
Secure Score
Current score vs. maximum and comparison with similar tenants. Top 5 recommended improvements.
MFA Coverage
Percentage of users with MFA enabled and the type of registered method.
Conditional Access
List of all active, disabled, and report-only policies.
Inactive Users
Accounts with no activity in the last 30 days that represent a credential risk.
Apps with Critical Permissions
Applications with Graph permissions considered high-privilege (write, directory, etc.).
Privileged Roles
Number of assignees to: Global Admin, Security, Exchange, Intune, CA, and more.
Security Defaults
Status of Microsoft's security defaults in your tenant.
DNS & Email
SPF, DMARC, and DKIM evaluation for the tenant's primary domain.
Legacy Authentication
Detection of sign-ins using legacy protocols (IMAP, POP3, Exchange ActiveSync, etc.) in the last 7 days.
How does it work?
The entire process takes less than 5 minutes.
Enter your email
Type the corporate email address where you want to receive the PDF report.
Authorize read access
An administrator grants read-only permissions to Dattics in Microsoft Entra ID. No changes are made.
Receive your report
We generate the analysis and send you the password-protected PDF to your email within minutes.
Need guidance on Microsoft 365 security?
Our team can help you interpret the report and implement the recommended improvements.
Talk to an expert