I built a free, open-source M365 security assessment tool - looking for feedback
I work as an IT consultant, and a good chunk of my time is spent assessing Microsoft 365 environments for small and mid-sized businesses. Every engagement started the same way: connect to five different PowerShell modules, run dozens of commands across Entra ID, Exchange Online, Defender, SharePoint, and Teams, manually compare each setting against CIS benchmarks, then spend hours assembling everything into a report the client could actually read. The tools that automate this either cost thousands per year, require standing up Azure infrastructure just to run, or only cover one service area. I wanted something simpler: one command that connects, assesses, and produces a client-ready deliverable. So I built it. What M365 Assess does https://github.com/Daren9m/M365-Assess is a PowerShell-based security assessment tool that runs against a Microsoft 365 tenant and produces a comprehensive set of reports. Here is what you get from a single run: 57 automated security checks aligned to the CIS Microsoft 365 Foundations Benchmark v6.0.1, covering Entra ID, Exchange Online, Defender for Office 365, SharePoint Online, and Teams 12 compliance frameworks mapped simultaneously -- every finding is cross-referenced against NIST 800-53, NIST CSF 2.0, ISO 27001:2022, SOC 2, HIPAA, PCI DSS v4.0.1, CMMC 2.0, CISA SCuBA, and DISA STIG (plus CIS profiles for E3 L1/L2 and E5 L1/L2) 20+ CSV exports covering users, mailboxes, MFA status, admin roles, conditional access policies, mail flow rules, device compliance, and more A self-contained HTML report with an executive summary, severity badges, sortable tables, and a compliance overview dashboard -- no external dependencies, fully base64-encoded, just open it in any browser or email it directly The entire assessment is read-only. It never modifies tenant settings. Only Get-* cmdlets are used. A few things I'm proud of Real-time progress in the console. As the assessment runs, you see each check complete with live status indicators and timing. No staring at a blank terminal wondering if it hung. The HTML report is a single file. Logos, backgrounds, fonts -- everything is embedded. You can email the report as an attachment and it renders perfectly. It supports dark mode (auto-detects system preference), and all tables are sortable by clicking column headers. Compliance framework mapping. This was the feature that took the most work. The compliance overview shows coverage percentages across all 12 frameworks, with drill-down to individual controls. Each finding links back to its CIS control ID and maps to every applicable framework control. Pass/Fail detail tables. Each security check shows the CIS control reference, what was checked, what the expected value is, what the actual value is, and a clear Pass/Fail/Warning status. Findings include remediation descriptions to help prioritize fixes. Quick start If you want to try it out, it takes about 5 minutes to get running: # Install prerequisites (if you don't have them already) Install-Module Microsoft.Graph, ExchangeOnlineManagement -Scope CurrentUser Clone and run git clone https://github.com/Daren9m/M365-Assess.git cd M365-Assess .\Invoke-M365Assessment.ps1 The interactive wizard walks you through selecting assessment sections, entering your tenant ID, and choosing an authentication method (interactive browser login, certificate-based, or pre-existing connections). Results land in a timestamped folder with all CSVs and the HTML report. Requires PowerShell 7.x and runs on Windows (macOS and Linux are experimental -- I would love help testing those platforms). Cloud support M365 Assess works with: Commercial (global) tenants GCC, GCC High, and DoD environments If you work in government cloud, the tool handles the different endpoint URIs automatically. What is next This is actively maintained and I have a roadmap of improvements: More automated checks -- 140 CIS v6.0.1 controls are tracked in the registry, with 57 automated today. Expanding coverage is the top priority. Remediation commands -- PowerShell snippets and portal steps for each finding, so you can fix issues directly from the report. XLSX compliance matrix -- A spreadsheet export for audit teams who need to work in Excel. Standalone report regeneration -- Re-run the report from existing CSV data without re-assessing the tenant. I would love your feedback I have been building this for my own consulting work, but I think it could be useful to the broader community. If you try it, I would genuinely appreciate hearing: What checks should I prioritize next? Which security controls matter most in your environment? What compliance frameworks are most requested by your clients or auditors? How does the report land with non-technical stakeholders? Is the executive summary useful, or does it need work? macOS/Linux users -- does it run? What breaks? I have tested it on macOS, but not extensively. Bug reports, feature requests, and contributions are all welcome on GitHub. Repository: https://github.com/Daren9m/M365-Assess License: MIT (free for commercial and personal use) Runtime: PowerShell 7.x Thanks for reading. Happy to answer any questions in the comments.
The latest mobile apps killed mobile first when working with files
Hi, I really enjoyed working only with mobile devices when we started with M365. On iOS the OneDrive app was paramount when organising files in SharePoint/Teams Sites. Easy up- and downloads, drag‘n drop. Move and copy all was there to manage a companies files on mobile devices even when only on mobile network connections. But the upgrades that happened over the last 1-2 years completely break this kind of workflows. There is no really mobile-first paradigm visible anymore. The OneDrive app was worst. All the pretty well integration file management stuff is gone. No drag‘n drop. No useful integration into iOS Files app. Copying between OneDrive and SharePoint got a pain. Bulk operation just silently fail. Files get renamed without any warning (numbers get added to the name or are just increased so no one will ever find the file again). So just two simple usability examples that are a mess: to select multiple files in a folder you have to press the word ‚Select‘ that is not a button or something. This shows up like a column heading in the file view. Right beside ‚Name‘ and ‚Date Modified‘. Why are active user elements placed in table headings? If you browse into some SharePoint folders and quickly want to go back to your OneDrive files you either have to press the back button over and over again until your back to the top level view or you can press-hold the back button and then select ‚Files‘. Butthe latter brings you to the top level Library view and you still have to manually go to ‚Files‘. The old app design just had a top menu bar where views could easily be switched. Am I the only one who wants to work on mobile devices? Does Microsoft still expect everyone to use a laptop and run desktop apps? Annoying.Engage customers with Teams Phone Agent and custom voice agents built in Copilot Studio
It’s often difficult for businesses to serve every customer right away during surges in call volumes. Callers sit on hold while staff race to work through the backlog. Meanwhile, agentic voice AI is opening entirely new ways to serve customers, such as getting answers to questions or even enabling them to pay a bill over the phone, including after hours and on weekends. We are excited to announce Teams Phone Agent, along with the ability to bring custom voice agents your organization builds in Microsoft Copilot Studio to Microsoft Teams Phone. For customer-facing organizations using Teams Phone, like healthcare clinics or bank branches, these agents take repetitive calls off the plate of employees so they can focus on the conversations that truly need a human touch. All this enables faster issue resolution for customers. How Teams Phone Agent works Teams Phone Agent greets callers and resolves common requests with these skills. Questions and Answers: Using configured knowledge bases that support file uploads and URLs, Teams Phone Agent answers callers' questions in natural conversation, so customers get answers quickly instead of being placed on hold or hunting through a website. Appointment scheduling: Teams Phone Agent enables callers to book new appointments, reschedule or cancel existing ones, and find upcoming appointment details so customers can lock in a time without playing phone tag. Conversational Routing with intelligent transfers: Teams Phone Agent supports the same tried and tested routing from traditional auto attendants, such as user or extension lookup and transfer to a user, call queue, and more through conversation. When additional assistance is needed, Teams Phone Agent passes the caller along with the full context of the conversation to the right individual or department. Customers can skip cumbersome phone menus and don’t have to repeat themselves. Multilingual: Teams Phone Agent supports multilingual conversations across 60+ supported languages, allowing callers to interact naturally in their preferred language and helping organizations deliver global voice experiences at scale. Automate what’s unique to your business with Copilot Studio voice agents When you need to automate processes unique to your business, like letting patients fill a prescription over the phone, custom voice agents that your organization builds in Copilot Studio step in. Teams Phone Agent can seamlessly hand off a call to custom voice agents whenever those specialized skills are needed. Alternatively, you can set things up so customers can dial a Copilot Studio custom voice agent directly through a Teams Phone line. Voice agents with Teams Phone in action Here are a few illustrative use cases for how Teams Phone Agent and Copilot Studio voice agents can help organizations engage their customers: Answer routine questions without making callers wait. A healthcare clinic can use Teams Phone Agent to answer common questions about hours, locations, accepted insurance, and appointment preparation, helping patients get answers quickly while staff focus on care coordination. Book and reschedule appointments over the phone. A home services company can use Teams Phone Agent to help customers schedule, confirm, or change appointments for plumbing or electrical repairs in natural conversation, helping reduce back-and-forth calls and freeing employees from repetitive scheduling work. Route customers to the right expert with context. A bank branch can use Teams Phone Agent to understand what type of support a caller needs, such as assistance with completing a mortgage loan application. Teams Phone Agent can then transfer the call to the right team with the conversation context included. Complete business-specific tasks with a Copilot Studio voice agent. A pharmacy can use a Copilot Studio custom voice agent to help customers request a prescription refill by phone and check order status, giving customers a simpler way to manage routine needs without waiting for staff assistance. Support customers after hours. A utility provider can use a Copilot Studio custom voice agent connected to Teams Phone to let customers report an outage or get billing help outside normal business hours. Launch Demo An expanding ecosystem of voice agents for Teams Phone We want customers to have choice across first-party and third-party voice agents. That is why we are working with select solution developers to integrate their voice agents with Teams Phone. AudioCodes is announcing general availability of its voice agent for Teams Phone today, with additional solutions expected in the future. Get started Teams Phone Agent and the ability to integrate custom voice agents built in Copilot Studio with Teams Phone are now accessible through the Frontier program. Join Frontier so that your organization can get early access to Microsoft’s latest AI innovations. Teams Phone admins can set up Teams Phone Agent through Teams admin center. Learn more. Copilot Studio makers can navigate to Microsoft Copilot Studio to set up a voice agent and then assign it to Teams Phone Agent or a Resource Account to be called directly. Learn more. Licensing during the Frontier preview Teams Phone Agent is available via the Frontier program. Service limitations may apply. Custom Copilot Studio voice agent experiences—whether reached through a Teams Phone Agent hand-off or by direct dial—are accessible via the Frontier program and are billed consumptively at a rate based on the orchestration type your organization selects when building the agent in Copilot Studio. Learn more. Billing for Copilot Studio voice agent experiences in Teams Phone will roll out by early July, and usage will not be charged prior to this rollout. Service limitations may apply. When the billing experience is rolled out, all Frontier preview users will be required to set up billing to continue using Copilot Studio voice agents for Teams Phone. Tenants must also meet standard Teams Phone prerequisites, including a properly configured Teams Phone resource account. Learn more. All licensing, pricing, and service limits are subject to change. Additional information will be communicated at general availability.Unleashing the power of agents in Microsoft Planner
In today's fast-paced world, AI has become an essential tool for enhancing productivity and efficiency. We are committed to empowering our users with innovative solutions that simplify their work processes, and we’re thrilled to introduce the latest updates to Microsoft Planner, designed to leverage the power of Copilot and agents to streamline project management and task organization. With the recent announcement of Project Manager agent, rolling out in public preview in the Planner app in Microsoft Teams, and the rollout of the new Planner for the web, we are bringing you a comprehensive suite of tools to help you and your team achieve more with less effort. We invite you to explore these exciting new features and discover how they can transform the way you work. Introducing Project Manager agent Project Manager agent is a new AI-powered agent designed to enhance your planning experience by acting as a virtual project manager within your plans. Project Manager agent is built to streamline your planning process, empowering you to focus on the strategic aspects of your work while it handles some of the tasks on your behalf. It is the latest development in enhancing and transforming team collaboration with AI in Planner. Earlier this year, we introduced Copilot in Planner (preview) as a personal companion experience designed to work alongside your planner workflow. With Project Manager agent, we’re now bringing AI capabilities directly into your plans, allowing you to interact with the agent as an integral part of your plan. Project Manager agent takes your goals and automatically breaks them down into actionable tasks. But it doesn’t stop there, it can also execute these tasks on your behalf. By managing the plan and executing tasks, the agent enables you to focus on impactful decisions while it contributes directly to the success of your project. When you start a plan with Project Manager agent, it guides you to define a goal you want to achieve (for example, conducting research on a specific topic). The agent will then generate all the necessary tasks for the research topic. Assign these tasks to the agent, and it will execute on them, providing detailed output that is automatically captured in a Loop page embedded within each task. All members of the plan can collaborate directly within the Loop page, exchanging comments and feedback with the Project Manager agent. Upon selecting Regenerate, the agent incorporates the feedback and generates a refined response, improving the task outcomes. At any point, if Project Manager agent does not have adequate information to generate necessary output, it will even ask clarifying questions that will allow it to provide better responses. You will notice that Project Manager agent is capable of contributing at every step of your plan, delivering value throughout the process. This comes with a new Project Manager View in Planner—your hub for setting goals, generating tasks, and showcasing the execution status. This intuitive interface lets you set your project goals and generate tasks, assign tasks to team members or the agent for execution and track progress and statuses in real time. Additionally, in the board view, you can also group tasks by Project Manager, which shows all the Project manager tasks and status in the appropriate buckets. At its core, the Project Manager agent runs on the Multi-Agent Runtime Service (MARS), a platform built on Microsoft Autogen. MARS leverages specialized agents with unique expertise, enabling the Project Manager agent to perform effectively across diverse scenarios. See the blog post to learn more about how Project Manager agent and MARS function. To help you get started, we’ve provided predefined, customizable templates on various topics, allowing you to quickly kickstart a Project Manager plan and easily tailor it to meet your specific goals. Once you’ve selected a template, you can modify the plan to align with your specific needs and goals, ensuring it meets your unique requirements while leveraging the agent’s capabilities for streamlined execution. From idea, to plan, to done, the Project Manager agent is your trusted partner, ensuring every aspect of your plan is managed seamlessly. We’re also introducing the Microsoft Whiteboard canvas in Planner! This new feature allows you and your team to brainstorm directly within the context of your plan. Upon creating a new plan with the Project Manager agent, you will now see a Whiteboard tab in the plan. Whiteboard offers a dynamic and collaborative canvas within Planner, allowing users to easily convert ideas into tasks and streamline workflow from ideation to action. In the canvas, you and your team can engage in real-time collaboration using inking, sticky notes, and templates. With the Planner integration, you can quickly convert your notes to tasks in one click, directly adding them to your plan. We’re excited to bring these powerful tools to your planning experience, and we can’t wait to see the impact of the Project Manager agent in your daily workflows! The new Project Manager agent will be rolling out to public preview in the Planner app in Teams in the coming weeks. To explore these capabilities, customers are required to have a Microsoft 365 Copilot license and also need to ensure their current Microsoft 365 licensing allows them access to Microsoft Loop. As this is a preview release, please note that the features may evolve based on user feedback and ongoing improvements. Initially, Project Manager agent will support English language as the interaction medium, and other languages in the future. We’d love for you to try it out and share your thoughts to help shape its future development! Please select the thumbs up or thumbs down button in the Project Manager view or in the Task details to share what you think about the experience. In addition, we are announcing two more capabilities that will be coming soon to Microsoft Planner: 1. Copilot in My Tasks view: This feature brings AI-powered organization and prioritization to your tasks, helping users effectively manage their backlog and enabling them to stay on top of what matters most. 2. Automated status report emails: Provides the capability to automatically generate a status email from your plans, streamlining the process of sharing weekly updates so you can spend less time on emails and more time moving projects forward. We expect these features to be available for our customers to try early 2025. Join us at Microsoft Ignite to learn more about Project Manager agent in our breakout session, "Boost productivity with Copilot in Microsoft 365 apps." Try Planner for the web today! The new Planner for the web is now available! This marks another major milestone in the Planner journey that we announced last November at Ignite. In April, we launched the new Planner app in Microsoft Teams, and now we've completed the rollout with Planner for the web. Planner for the web now brings together the simplicity of Microsoft To Do, the collaboration of Planner, the power of Project for the web, and the intelligence of Microsoft 365 Copilot into a simple, familiar experience. Discover a new way to manage tasks for individual plans, team initiatives, and larger scale project management aligned to goals and key strategic objectives. We’re excited for you to try it out and share your thoughts. Thanks to your ongoing feedback, we’re continuing to roll out bug fixes and new enhancements regularly to both Planner in Teams and Planner for the Web. We have more exciting updates coming soon including the availability of Planner for the web in GCC, a new board view in the My Tasks view, an updated experience for the Planner app in Teams channels, and more. Check in regularly on the roadmap to learn about what’s coming. Explore the new Portfolios feature The frequently requested Portfolios feature is also rolling out in the Planner app in Teams and will start rolling out in the new Planner for the web app in the coming weeks! This powerful addition is designed to help you effortlessly manage and track progress across multiple plans. With Portfolios, you can now get a consolidated view of all your premium plans and tasks, ensuring nothing slips through the cracks. Whether you're coordinating between teams or looking for a top-down perspective, Portfolios in Planner makes it all possible in one location, streamlining workflows and enhancing collaboration. Join our session at Microsoft Ignite We are eager to share more details about these exciting updates during our session at Microsoft Ignite! Join us as we dive deeper into the new features and capabilities of Planner, and learn how they can elevate your teamwork. Don't miss this opportunity to connect with our team and get a firsthand look at what's new. Share your feedback Your feedback helps inform our feature updates and we look forward to hearing from you as you try out the new Planner! Provide feedback by using the Feedback button in the top right corner of the Planner app. We also encourage you to share any features you want to see in the app by adding it to our Planner Feedback Portal. Learn more Check out the recently refreshed Planner adoption page. Sign up to receive future communication about Planner. Check out the Microsoft 365 roadmap for feature descriptions and estimated release dates for Planner. Watch Planner demos for inspiration on how to get the most out of the new Planner app in Microsoft Teams. Watch the recording from September's What’s New and What’s Coming Next + AMA about the new Planner. Visit the Planner help page to learn more about the capabilities in the new Planner.
Communities tab in Teams
Hi there I've recently had the Communities tab pop up in my Teams alongside the Teams and Channels tab. No one else in my organisation can see this yet and we aren't sure why. I know it's being rolled out on a timeline but I was also wondering if it might be because I'm the only one in the org who has an Microsoft Viva Employee Communications and Communities licence? Does anyone have any insights into this? We'd like to make a bit of a roll out plan once this appears in our colleagues Team's set ups.
Struggling to get managers to actually use 1:1 meeting agendas in Teams
We've been trying to get our managers to run structured 1:1s with their direct reports using Teams. Right now they just hop on a call with no agenda and wing it. HR wants there to be a documented agenda, talking points from both sides, and some kind of record of what was discussed. We tried using Loop components and OneNote but managers find it clunky to set up every time and most of them just stopped doing it after a few weeks. Is there a better way to handle recurring 1:1 meeting agendas directly in Teams?
How much should Teams presence influence call routing
One thing I've noticed recently is that many Teams Phone environments still treat presence as a destination state rather than a routing input. A typical flow might look like: Caller selects an option Call is transferred User is unavailable Caller ends up in voicemail or another queue Technically the routing worked. From the caller's perspective, it often didn't. I'm curious how others are approaching this. Are you using Teams presence as part of your call-routing logic? For example: Available → transfer immediately Busy → offer an alternative path In a meeting → capture context Offline → route elsewhere Or are traditional queues and escalation paths still sufficient for most scenarios? Interested to hear what people are doing in real deployments.
Don't expire attached chat files | Show a warning.
Teams allows users to upload files to share with others in a chat. These files inherit the organization's sharing policy. So whether you use Share or Copy Link in SharePoint or OneDrive or you use Attach File in Teams, the same default policy is applied. The issue, what makes the Teams experience different from SharePoint / OneDrive, is that the message with the attached file persists in the chat. A file that was attached to a conversation two months ago appears to still be in the chat. However, the default policy blocks access to the file that appears present. Moreover, there is no method for the sender to alter the sharing policy using the Attach function. When this an issue, this is a HUGE issue. Suggestions: Actually attach the attached file and store in the recipient's Attachments folder. Don't use a paperclip icon that says "Attach file" for files that aren't actually attachments. Warn the sender that the attached file inherits the organization's 'Share with anyone' policy and may expire. Prompt the sender to alter the sharing link before sending. Put a timer on the attachment showing the countdown to expiration. After the expiration date, the file should be labeled "Your organization's sharing policy has expired access to this file". Add a button for the recipient to request access to the file again.
