Demo portal · pre-release Back us

Changes · Pora Inc.

Run 11yxf5 · Zero Trust Assessment · 2026-06-04

New failures
186 ▲ vs prev
Accepted risks
5 no change
Controls assessed
721
Posture
47%

Tenant security posture: getting more secure?

trend ▾
47%

of 721 controls passing this run

failing186
products14
12 runs agonow

Evidence timeline · CIS.M365.1.1.1 · Admin accounts cloud-only

Pass Fail Warn N/A No run
JanFebMarAprMayJunJulAugSepOctNovDec
2026
2025
2024
2023
2022

Run 11yxf5 · failing & accepted controls

Open raw report
Status Control Product Severity Standard Owner
failed
CIS.M365.1.1.3
Ensure that between two and four global admins are designated
En Entra High CIS AP
failed
CIS.M365.1.2.1
Ensure that only organizationally managed/approved public groups exist
En Entra Medium CIS AP
failed
CIS.M365.1.3.4
Ensure 'User owned apps and services' is restricted
En Entra Unknown CIS SR
failed
CIS.M365.4.1
Ensure devices without a compliance policy are marked 'not compliant'
In Intune Unknown CIS YT
failed
CIS.M365.5.1.5.1
Ensure user consent to apps accessing company data on their behalf is not allowed
En Entra Unknown CIS NB
failed
CIS.M365.5.1.5.2
Ensure the admin consent workflow is enabled
En Entra Unknown CIS TO
failed
CIS.M365.5.2.3.5
Ensure weak authentication methods are disabled
En Entra Unknown CIS MK
failed
CISA.MS.AAD.2.1
Users detected as high risk SHALL be blocked.
En Entra High CISA MK
failed
CISA.MS.AAD.2.3
Sign-ins detected as high risk SHALL be blocked.
En Entra High CISA SR
failed
CISA.MS.AAD.3.1
Phishing-resistant MFA SHALL be enforced for all users.
En Entra High CISA YT
risk
CIS.M365.1.1.1
Ensure Administrative accounts are cloud-only
En Entra High CIS DS
risk
CIS.M365.1.3.7
Ensure 'third-party storage services' are restricted in 'Microsoft 365 on the web'
En Entra Unknown CIS NB
risk
CISA.MS.AAD.1.1
Legacy authentication SHALL be blocked.
En Entra High CISA DS
risk
CISA.MS.AAD.3.7
Managed devices SHOULD be required for authentication.
En Entra High CISA DS
Latest run
SourceZero Trust Assessment
Submitted2026-06-04
Run id11yxf5
Open raw report
Products in this run
  • En Entra 309
  • In Intune 53
  • Ex Exchange 50
  • Te Teams 12
  • Sp SharePoint 2
  • Df Defender 24
  • Do Defender O365 79
  • Pv Purview 40
  • Ga Secure Access 67
  • Xm Exposure Mgmt 12
  • Co Copilot 10
  • Az Azure 22
  • Ad Azure DevOps 39
  • ·· Other 2
Supported results
  • Maester
  • Zero Trust Assessment

Cloud is the history & drift layer. You run the tests.