Where is your Secure Score leaking points?
Sign in read-only and this page pulls your tenant's Secure Score live from Microsoft Graph — gaps ranked by points available, every control mapped to the ASD Essential Eight, CIS Controls v8 and NIST CSF 2.0. There is no backend: your browser talks to Graph directly, and the report is rendered right here. Nothing is sent or stored.
Sign in with a Microsoft work account holding Security Reader or higher. Reading Secure Score needs one-time admin consent in your tenant. A popup opens — allow it if your browser asks.
by category
top gaps ranked by points available
| control | gap | effort | frameworks |
|---|
quick wins low effort · real points
| control | gap | frameworks |
|---|
This snapshot counts the gaps — a full assessment closes them, with an Essential Eight maturity target and a quoted fix list. Fixed price, one week → ./view pricing
questions before you sign in
▸What exactly am I consenting to?
▸Why does it need admin consent?
▸Why does the consent screen say "unverified"?
▸How do I verify nothing leaves my browser?
▸What role do I need, and how do I revoke access afterwards?
Reads /security/secureScores and /security/secureScoreControlProfiles via Microsoft Graph with delegated permissions. Framework mappings are indicative, derived from control titles. Sign out of the popup session by closing this tab; the app can be revoked any time in Entra → Enterprise applications.