You're viewing demo data

Compliance

Federal Standard

NIST SP 800-53 Rev 5

63% compliant
10 pass, 1 partial, 5 fail

CISA Directive

CISA SCuBA Baselines

57% compliant
8 pass, 2 partial, 4 fail

Industry Benchmark

CIS M365 Benchmark v6

57% compliant
8 pass, 3 partial, 3 fail

NIST SP 800-53 Rev 5

Federal Standard

AC-2 Account Management: Fail
AC-6 Least Privilege: Fail
AC-7 Unsuccessful Logon Attempts: Pass
IA-2 Identification & Authentication: Fail
IA-5 Authenticator Management: Pass
AU-2 Audit Events: Partial
AU-6 Audit Record Review & Reporting: Pass
SC-7 Boundary Protection: Fail
SC-8 Transmission Confidentiality: Pass
SC-13 Cryptographic Protection: Pass
CM-7 Least Functionality: Fail
SI-3 Malicious Code Protection: Pass
SI-4 System Monitoring: Pass
AT-2 Literacy Training & Awareness: Pass
RA-5 Vulnerability Monitoring & Scanning: Pass
CA-7 Continuous Monitoring: Pass

CISA SCuBA Baselines

CISA Directive

MS.AAD.1.1 MFA for All Users: Fail
MS.AAD.2.1 Block Legacy Auth: Fail
MS.AAD.3.1 Conditional Access: Partial
MS.AAD.4.1 Sign-in Risk Policy: Pass
MS.AAD.5.1 App Registration Restrictions: Pass
MS.AAD.7.1 Privileged Roles: Fail
MS.EXO.1.1 SPF Authentication: Pass
MS.EXO.2.1 DKIM Signing: Pass
MS.EXO.4.1 Mail Forwarding: Fail
MS.DEFENDER.1.1 Audit Logging: Partial
MS.DEFENDER.2.1 Safe Attachments: Pass
MS.DEFENDER.3.1 Safe Links: Pass
MS.TEAMS.1.1 External Access Controls: Pass
MS.SPO.1.1 SharePoint Sharing Controls: Pass

CIS M365 Benchmark v6

Industry Benchmark

1.1.1 Ensure MFA is enabled for all users: Fail
1.1.3 Block legacy authentication: Fail
1.2.1 Limit Global Administrator accounts: Fail
1.3.1 Ensure password expiration is configured: Pass
2.1.1 Enable unified audit logging: Partial
2.2.1 Enable Safe Attachments for SharePoint: Pass
3.1.1 Configure DLP policies: Partial
4.1.1 Restrict external sharing: Partial
5.1.1 Enable mailbox auditing for all users: Pass
5.2.1 Enable Safe Links for Office applications: Pass
6.1.1 Enable Microsoft Defender for Office 365: Pass
6.2.1 Configure anti-phishing policies: Pass
7.1.1 Configure app consent workflow: Pass
7.2.1 Restrict third-party integrated apps: Pass