Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community
SOLVED

PowerShell and Office 365 Secure Score

Iron Contributor
Hello! :)

I am wondering if there is an article that describes how to implement suggestions from Secure Score via PowerShell? I have been asked to find a way to "standardize" security for the multiple tenants we have using PowerShell, and in a way that also positively impacts our Secure Score.

Any thoughts or ideas appreciated! :beaming_face_with_smiling_eyes:

Thanx,
--Gene.
5 Replies

It's a good idea and many of the recommendations indeed can be scripted via PowerShell. Not all workloads will be able to support this however, and not all actions are a good match for PowerShell (for example, the periodic Review type of actions).

 

All the actions do offer the additional info via the Details page though, especially in the case of Exchange it's very easy to get to the PowerShell cmdlet from there - simply use the "Show cmdlet logging" functionality in the EAC. For other workloads, you can still get to the documentation and simply search on how to perform the relevant actions via PowerShell.

 

Perhaps @Brandon Koeller might actually have a thing or two to say about this, I know that the early version of the Secure Score tool was PowerShell based, so it should be relatively easy to adapt it from "just look" to "do stuff" :)

best response confirmed by VI_Migration (Silver Contributor)
Solution

Hey Gene,

Thanks for reaching out. We do have the Secure Score data available via API now: https://blogs.technet.microsoft.com/office365security/using-the-office-365-secure-score-api/

 

But, your point is interesting. We actually haven't implemented any of the remediation actions in a neat, clean powershell, but we do have some resources. 

First, if you want to collect state data in powershell, I've uploaded a very old, PM-authored version of the very Alpha Secure Score here: https://github.com/OfficeDev/O365-Cloud-Sec-Tooling/blob/master/Securescore/DEPRECATED-LEGACYSecureS...

 

Second, we do have some remediation automation in powershell scripts here: https://github.com/OfficeDev/O365-InvestigationTooling

 

Thanks!

Brandon Koeller

 

Thanks so much for this!  I was just asked to do this, so I will start diggin' through the scripts provided via GitHub.

 

If you remember anything else, please let me know.  ;)  Thanks again!

 

--Gene.

Hi,

I started some efforts to document the PowerShell scripts for some of the SecureScore actions. You can find the blog here: http://www.nubo.eu/en/blog/2017/01/Securing-Your-Office-365-Environment/. Feel free to send some comments or suggestions.

 

br,

Patrick

1 best response

Accepted Solutions
best response confirmed by VI_Migration (Silver Contributor)
Solution

Hey Gene,

Thanks for reaching out. We do have the Secure Score data available via API now: https://blogs.technet.microsoft.com/office365security/using-the-office-365-secure-score-api/

 

But, your point is interesting. We actually haven't implemented any of the remediation actions in a neat, clean powershell, but we do have some resources. 

First, if you want to collect state data in powershell, I've uploaded a very old, PM-authored version of the very Alpha Secure Score here: https://github.com/OfficeDev/O365-Cloud-Sec-Tooling/blob/master/Securescore/DEPRECATED-LEGACYSecureS...

 

Second, we do have some remediation automation in powershell scripts here: https://github.com/OfficeDev/O365-InvestigationTooling

 

Thanks!

Brandon Koeller

 

View solution in original post