Active Directory & M365 Security

Active Directory & M365
Security Assessment

A focused review of the systems that hold your identities and access.
Most of the issues ransomware relies on sit in a handful of well-known misconfigurations - this finds the critical ones fast.

Send a Question Encrypted Call

Supportive service · part of the retainer

This assessment is mainly delivered inside the Retained Security Partner retainer, where the work is scheduled at the right time for your budget - a small monthly cost instead of a large one-off invoice.

The Challenge

Why identity drifts

Stale admin accounts, weak service accounts, legacy authentication, and over-broad permissions build up quietly in Active Directory and Microsoft 365. These are the exact paths ransomware uses to move from one machine to the whole company. A short, focused assessment surfaces around 80% of the critical issues in roughly 20% of the time a full project would take.

Phase 1

Never Reviewed

Identity and access have never been checked. Misconfigurations accumulate and stay invisible until an incident exposes them.

Phase 2

One-Off Snapshot

A single assessment names the issues, but it does not fix them. Remediation takes real work over time, and the environment keeps drifting as accounts, devices, and policies change.

Phase 3

Scheduled in a Retainer

The assessment repeats on a sensible cadence inside a retainer, so identity hygiene keeps pace with the business.

Scope

What's in scope

A configuration-and-exposure assessment of Active Directory and Microsoft 365 - not a full internal network penetration test.

Active Directory

Privileged account hygiene and admin sprawl
Weak and stale service accounts
Legacy authentication and outdated protocols
Trust relationships and delegation
Group policy weaknesses

Microsoft 365

Admin roles and conditional access
Multi-factor authentication coverage
Risky external sharing and guest access
Mailbox and application permissions
Sign-in and identity exposure

Requirements

Access and accounts I need

Required inputs

One read-only domain account, or a domain-joined machine I can run the assessment from.
Read access to the Microsoft 365 admin centre.
A short scoping call to confirm domain size, access method, and scheduling.
One technical contact available for the debrief.

Pricing

Indicative pricing

A defined assessment with a defined output: a prioritised hardening report you can act on. Fixed scope, fixed price - confirmed on a free scoping call.

Starting from

€1,200

fixed-scope engagement

Always included

Full Active Directory & M365 assessment

Findings prioritised by real-world risk

Executive summary for management

Technical hardening report with concrete steps

Ransomware-relevant risk highlighted

Debrief call with your technical contact

Send a Question Encrypted Call

Fixed price confirmed after the call. No surprises.

Process

How We Collaborate

Scoping call

We confirm the size of your environment, how I will access it, and the schedule. Usually 30 minutes.

Assessment

I run the assessment across Active Directory and Microsoft 365 and collect the configuration data.

Analysis & report

I prioritise the findings by real-world risk and write a hardening report with concrete, ordered steps.

Debrief

We walk through the findings together, focus on what reduces ransomware risk first, and agree the next steps.

A one-off assessment answers a single question. A Retained Security Partner retainer schedules these assessments for you at the best time and budget, so identity hygiene keeps pace with how your business changes.