M365-Assess 2.0 — A New Report Engine and 274 Automated Checks
M365-Assess 2.0 ships a React-based interactive report, 274 security checks mapped across 14 compliance frameworks, and a 5x reduction in report size.
// blog
Practitioner notes.
Long-form writing about compliance work, framework trade-offs, and the boring realities of running a security practice.
Azure Resource Tagging for Audit and Compliance: Why Activity Logs Aren't Enough
Azure activity logs expire after 90 days. When an auditor asks who created a resource, you need a better answer. Az-Stamper solves this with automatic resource tagging.
Harden Microsoft Intune: What the CISA Advisory Means for Your Tenant
CISA issued urgent guidance on Intune hardening after the Stryker breach. Here's what happened and the specific steps to lock down your tenant.
How to Assess Your Microsoft 365 Security Posture
A step-by-step guide to running a read-only security assessment on your M365 tenant using M365-Assess.
CIS vs NIST vs CMMC: What IT Teams Actually Need to Know
A practical comparison of the three most common compliance frameworks, when to use each, and how they overlap.
Introducing Galvnyz — Open-Source Compliance Automation
Why we're building free cybersecurity compliance tools for IT teams who can't afford enterprise GRC platforms.