Maester Maester Cloud
Start now

Maester Cloud documentation

Maester Cloud is the evidence layer for Microsoft 365 security. You run Maester and the Zero Trust Assessment wherever you already run them — GitHub Actions, Azure DevOps, Azure Automation, a scheduled task — and push the results to your dedicated Maester Cloud environment. The portal turns those snapshots into a living record: what passed, what failed, what changed since the last run, and how each Microsoft product in your tenant is trending.

How it fits together

  1. Run your Maester or Zero Trust Assessment as usual.
  2. Send the results with one PowerShell command (Sending reports).
  3. Parse — every test in the report becomes a stored, queryable result with a Microsoft product attached.
  4. Diff — each run is compared with the previous run of the same kind (How drift works).
  5. See it all in the portal (The portal) and get told when something regresses (Drift emails).

Two ways to run it

Hosted ($250/mo)Sponsor + Self-Hosted ($99/mo)
We run a dedicated environment for you at your-name.maester.cloud — its own isolated Azure resources, never shared with another customer. Getting started. You deploy the same stack into your own Azure subscription from the private repository. Self-hosting.

Design principles

  • Your identity, your control. Sign-in uses an Entra app registered in your tenant; only users you assign can get in. No app or token is shared across customers. Security model.
  • No client secrets, anywhere. Humans sign in with PKCE; workloads use managed identities.
  • Evidence is kept, not summarized away. Raw report files are stored alongside the parsed results and downloadable any time.
  • Honest by default. If a panel has no real data behind it yet, it says so — nothing in the portal is fabricated.