Security Posture

Comprehensive view of your organization security posture across all Microsoft 365 services. Assess strengths, identify gaps, and track improvement over time.

Overview

The Security Posture report provides a holistic assessment of your security configuration and practices across Identity, Device, Application, and Data protection domains. This report combines Secure Score data with additional security metrics to give a complete picture of your security health.

Posture Components

Key Metrics

• Overall Security Score — Weighted average across all security domains
• MFA Adoption Rate — Percentage of users with MFA enabled
• Device Compliance Rate — Percentage of devices meeting compliance policies
• Conditional Access Coverage — Percentage of sign-ins protected by CA policies
• DLP Policy Coverage — Sensitive data protected by DLP policies

Risk Assessment

The report identifies security risks by severity:

1. Critical Risks — Immediate action required (e.g., no MFA for admins)
2. High Risks — Should be addressed within days (e.g., legacy auth enabled)
3. Medium Risks — Plan remediation within weeks (e.g., incomplete DLP)
4. Low Risks — Opportunities for improvement (e.g., additional baselines)

Improvement Recommendations

Actionable recommendations prioritized by impact:

• Enable MFA for all users (highest impact)
• Block legacy authentication protocols
• Deploy conditional access policies
• Enable self-service password reset
• Configure automated investigation and response

Filters

• Tenant — All tenants, specific tenant, or tenant groups
• Component — Identity, Device, Application, Data, Threat
• Risk Level — Critical, High, Medium, Low
• Date Range — For trend comparison

API Reference

• GET /api/monitoring/security-analytics/posture — Get security posture assessment
• GET /api/monitoring/security-analytics/posture/recommendations — Get recommendations
• POST /api/monitoring/security-analytics/posture/export — Export report data