Changes · Pora Inc.
Run 11yxf5 · Zero Trust Assessment · 2026-06-04
New failures
186 ▲ vs prev
Accepted risks
5 no change
Controls assessed
721
Posture
47%
Tenant security posture: getting more secure?
trend ▾47%
of 721 controls passing this run
failing186
products14
12 runs agonow
Evidence timeline · CIS.M365.1.1.1 · Admin accounts cloud-only
Pass Fail Warn N/A No run
JanFebMarAprMayJunJulAugSepOctNovDec
2026
2025
2024
2023
2022
Run 11yxf5 · failing & accepted controls
Open raw report| Status | Control | Product | Severity | Standard | Owner |
|---|---|---|---|---|---|
| failed | CIS.M365.1.1.3 Ensure that between two and four global admins are designated | En Entra | High | CIS | AP Aria Patel |
| failed | CIS.M365.1.2.1 Ensure that only organizationally managed/approved public groups exist | En Entra | Medium | CIS | AP Aria Patel |
| failed | CIS.M365.1.3.4 Ensure 'User owned apps and services' is restricted | En Entra | Unknown | CIS | SR Sam Rivera |
| failed | CIS.M365.4.1 Ensure devices without a compliance policy are marked 'not compliant' | In Intune | Unknown | CIS | YT Yuki Tanaka |
| failed | CIS.M365.5.1.5.1 Ensure user consent to apps accessing company data on their behalf is not allowed | En Entra | Unknown | CIS | NB Noah Bauer |
| failed | CIS.M365.5.1.5.2 Ensure the admin consent workflow is enabled | En Entra | Unknown | CIS | TO Tom Okafor |
| failed | CIS.M365.5.2.3.5 Ensure weak authentication methods are disabled | En Entra | Unknown | CIS | MK Mona Kane |
| failed | CISA.MS.AAD.2.1 Users detected as high risk SHALL be blocked. | En Entra | High | CISA | MK Mona Kane |
| failed | CISA.MS.AAD.2.3 Sign-ins detected as high risk SHALL be blocked. | En Entra | High | CISA | SR Sam Rivera |
| failed | CISA.MS.AAD.3.1 Phishing-resistant MFA SHALL be enforced for all users. | En Entra | High | CISA | YT Yuki Tanaka |
| risk | CIS.M365.1.1.1 Ensure Administrative accounts are cloud-only | En Entra | High | CIS | DS Dev Sharma |
| risk | CIS.M365.1.3.7 Ensure 'third-party storage services' are restricted in 'Microsoft 365 on the web' | En Entra | Unknown | CIS | NB Noah Bauer |
| risk | CISA.MS.AAD.1.1 Legacy authentication SHALL be blocked. | En Entra | High | CISA | DS Dev Sharma |
| risk | CISA.MS.AAD.3.7 Managed devices SHOULD be required for authentication. | En Entra | High | CISA | DS Dev Sharma |
No runs submitted for this tenant yet.
Products in this run
- En Entra 309
- In Intune 53
- Ex Exchange 50
- Te Teams 12
- Sp SharePoint 2
- Df Defender 24
- Do Defender O365 79
- Pv Purview 40
- Ga Secure Access 67
- Xm Exposure Mgmt 12
- Co Copilot 10
- Az Azure 22
- Ad Azure DevOps 39
- ·· Other 2
Supported results
- Maester
- Zero Trust Assessment
Cloud is the history & drift layer. You run the tests.