We're ecstatic to announce Siriux's acquisition by Vectra! See the full announcement!


Vulnerability Assessments are currently available for M365 (including Azure AD). Vulnerability Assessment offerings for Salesforce, Workday and ServiceNow are on the roadmap.

 Vulnerability Assessments can be run at frequency – from multiple times per day to once per year – and can be customized to include only the services you would like to assess.


We design our M365 Vulnerability Assessments based on the following four principles for SaaS security.

1. Privilege Management

User permissions tend to loosen over time. We help you apply the principle of least privilege so you can verify that privileged accounts are limited in number and only have the rights necessary to get the job done.

2. Attack Surface Reduction

The value of your data can only be fully realized when the right people have access to it. But every time you share access to data, you run the risk that it may fall into the wrong hands. We help you understand who has access to your data so you can be sure there are no leaks. In addition, file sharing mechanisms like SharePoint and OneDrive can allow for ransomware distribution within your enterprise. Our approach reduces these attack paths.

3. Service Hardening

We make sure that all the right defenses – such as multi-factor authentication, strong password policies, and malware prevention – are in place to protect your system.

4. Transitive Trust Management

Who trusts whom in your Active Directory domains? Trust relationships can be tricky, and unexpected results can occur. We help you verify that your trust relationships operate as you intend.


Our Microsoft-approved M365 Vulnerability Assessments include three parts: A read-only scan of your tenant, deliverables that reflect your scan results, and customized analyst services.

The M365 Scan covers these modules:


  • Exchange Online
  • Teams
  • SharePoint / OneDrive
  • Azure AD
  • Endpoint Manager (includes Intune)

Using your scan results, a Siriux Analyst generates your deliverables and provides expert recommendations on how to craft your organization’s remediation strategy. Or, port your scan results to your SIEM for more automated remediation management.

Microsoft 365 Scan Tool

Explore Your Tenant in 3D

Navigate through policies, users, mailboxes, and more through Tenant Explorer. Explore how M365’s complex security controls can create unexpected opportunities for attackers to thwart the best security intentions. Dive into details that no single view in Microsoft’s own tool suite can offer.

Check Your Tenant’s Health

Quickly review the security posture for your entire tenant on the summary page. See the total number of vulnerable configurations, the tenant’s relative Risk Severity score, and how many opportunities you have to capitalize on quick wins—simple changes that will be almost invisible to your end users.

In the Deltas section, track your remediation progress or configuration drift from scan to scan.


Investigate Each M365 Module in Depth

Track Progress

See current risk settings, compare against previous scan results, and identify next steps to secure each module.


View Quick Wins

Quick wins are the low-hanging fruit of high-value configuration changes that pose little impact to operations. Use these to identify your most valuable quick fixes.


Analyze Findings

Review all scanned parameters to see details about security risk, operations impact, and current versus recommended configuration info.

Integrate Quickly

Integrate Siriux findings into your preferred SIEM or ITSM solution to track and respond to findings in real time. Filter your scan results down to the criteria that matter most to your organization and to cut down on the noise of irrelevant data.

Track Your Progress

Your scan results populate the interactive Remediation Project Plan. While the Microsoft Security and Compliance Center provides a one-size-fits-all solution, Siriux customizes this plan so you can more accurately and efficiently design your remediation strategy. Assign remediation tasks, monitor their status, and log notes in one easy to-use-template to track your team’s progress toward hardening your tenant.

Request a Demo

Request your free M365 Sample Scan to see the scope of a scan on your tenant along with some sample results.

coming soon

Vulnerability Assessments for:


© 2022 Siriux Security Technologies, Inc. All rights reserved.

Privacy Policy | Terms of Service