M365-Assess

2.10.0

Comprehensive read-only Microsoft 365 security assessment tool for IT consultants and administrators. Covers Entra ID, Exchange Online, Intune, Defender, SharePoint, Teams, Purview, and Active Directory.

Minimum PowerShell version

7.0

Installation Options

Copy and Paste the following command to install this package using PowerShellGet More Info

Install-Module -Name M365-Assess -RequiredVersion 2.10.0

Copy and Paste the following command to install this package using Microsoft.PowerShell.PSResourceGet More Info

Install-PSResource -Name M365-Assess -Version 2.10.0

You can deploy this package directly to Azure Automation. Note that deploying packages with dependencies will deploy all the dependencies to Azure Automation. Learn More

Manually download the .nupkg file to your system's default download location. Note that the file won't be unpacked, and won't include any dependencies. Learn More

Owners

Copyright

(c) 2026 Galvnyz. All rights reserved.

Package Details

Author(s)

  • Galvnyz

Tags

Microsoft365 M365 Security Assessment Compliance Audit EntraID Exchange Intune Defender SharePoint Teams PowerBI CIS NIST SOC2 HIPAA ZeroTrust SecurityBaseline

Functions

Invoke-M365Assessment Get-M365ExoSecurityConfig Get-M365DnsSecurityConfig Get-M365EntraSecurityConfig Get-M365CASecurityConfig Get-M365EntAppSecurityConfig Get-M365IntuneSecurityConfig Get-M365DefenderSecurityConfig Get-M365ComplianceSecurityConfig Get-M365SharePointSecurityConfig Get-M365TeamsSecurityConfig Get-M365FormsSecurityConfig Get-M365PowerBISecurityConfig Get-M365PurviewRetentionConfig Grant-M365AssessConsent New-M365ConnectionProfile Set-M365ConnectionProfile Remove-M365ConnectionProfile Get-M365ConnectionProfile Compare-M365Baseline Export-M365Remediation

Dependencies

Release Notes

v2.10.0 - Polish & Audits milestone (10 of 10 issues closed). ADDED: Per-prefix narrative content for the report finding-detail "Why It Matters" callout (#854) -- expanded coverage from ~22 to ~70 prefix families across SPO/EXO/DNS/DEFENDER/ENTRA/CA/INTUNE/COMPLIANCE/TEAMS/POWERBI/PBI/FORMS, fixing a long-standing prefix-bug where every SharePoint finding fell through to the generic fallback. New docs/research/narrative-content-sources.md captures source-authority by family (Microsoft Learn, CIS M365 v6.0.1, NIST 800-63B/800-53 r5, CISA, M3AAWG). ISO 27001 vs 27002 mapping audit (#858) -- new docs/research/iso-27001-vs-27002-audit.md plus iso-27002.json framework definition; identifies the upstream SCF conflation (1020/1020 identical mappings) and recommends the upstream-fix path. New tests/Behavior/Iso-27001-27002-Mapping-Audit.Tests.ps1 with skip-until-upstream divergence assertion + always-runs informational stats. CIS M365 v6.0.1 mapping audit (#848) -- new docs/research/cis-m365-v6-audit.md catalogs section-9 POWERBI-/PBI- merge-artifact duplicates (11/11 clusters) + section-4 EXO-* labeling anomaly; recommends upstream SCF fixes. New tests/Behavior/Cis-M365-v6-Mapping-Audit.Tests.ps1 with skip-until-upstream regressions + informational stats. Follow-up tracker #871 monitors when upstream lands. CHANGED: None (audit-flavored milestone). FIXED: SPO-/SHAREPOINT- prefix matching bug in whyItMatters() (#854) -- chain checked SHAREPOINT- but registry uses SPO-; every SharePoint finding hit the generic fallback. Now matches correctly with sub-prefix specificity (SHARING/B2B, SITE, SCRIPT/SWAY, SYNC/OD, etc.).

FileList

Version History

Version Downloads Last updated
2.11.0 49 5/1/2026
2.10.1 23 4/30/2026
2.10.0 (current version) 8 4/29/2026
2.9.3 20 4/29/2026
2.9.2 25 4/27/2026
2.9.1 28 4/26/2026
2.9.0 5 4/26/2026
2.6.0 7 4/25/2026
2.4.0 62 4/23/2026
2.2.0 99 4/20/2026
2.1.0 33 4/20/2026
2.0.0 7 4/19/2026
1.16.0 7 4/18/2026
1.15.0 7 4/18/2026
1.9.0 120 4/7/2026
1.8.1 8 4/7/2026
1.8.0 10 4/7/2026
1.7.0 11 4/7/2026
1.6.0 24 4/6/2026
1.5.0 15 4/3/2026
1.2.0 9 4/2/2026
1.0.1 41 3/31/2026
1.0.0 5 3/30/2026
Show more