For the one IT person running M365 at a 100 to 500 person company

Catch the stale Global Admin before your CEO does.

We scan your Microsoft 365 tenant every day, as often as hourly on Scale. When a new Global Admin appears, MFA gets disabled, or a guest you forgot about is still sitting in a finance group, you get a Teams message before anyone in HR or legal sends you that awkward email.

Free scan • No credit card • 5 minutes to connect

Read-only access
EU-hosted, GDPR
70+ security controls
SOC 2 in progress

Your tenant right now (probably)

3 things you'd rather know about

Changing

7 Global Admins

You created 2 of them

MFA policy disabled

A colleague turned it off 3 days ago

Legacy auth enabled

On 4 accounts, including one ex-employee

These are the kinds of things a first scan tends to surface.

You're the only one watching, and you can't watch every change.

You're the entire IT team. You ship laptops, fix Teams, debug printers, and somewhere in there you're meant to keep the M365 tenant tidy. Things slip. Not because anyone screwed up, but because nobody's looking.

The 'temporary' Global Admin you granted in March.

It's now November. They still have full tenant access. You'll find out when your CEO forwards an email from the insurance broker asking why 7 people can read everyone's mailbox.

The MFA policy a colleague disabled 'just to test something'.

It's been off for 3 weeks. Nobody told you. You find out at 11pm on a Sunday when a finance account starts sending invoices in Cyrillic.

The contractor you gave guest access to in June.

His project ended in July. His access didn't. There are 47 others like him sitting in your SharePoint, and you have no idea which ones are still active until someone in legal asks.

Here's how it works

No 6-month rollout, no consultants, no security degree required. You connect it on a Tuesday afternoon and by Wednesday morning you know things you've been missing for months.

1

Sign in with Microsoft

Read-only permissions, granted in 2 clicks. First scan finishes in under 5 minutes. No agent to install, nothing to deploy.

2

See exactly what's changing in your tenant

The exact list: who has too much access, which policies are off, which guests outlived their project. Each one written like a coworker explained it, not like a NIST control.

3

One click and the policy is back on

Re-enable MFA, remove a stale admin, kill a guest account, all from the alert. Turn on auto-fix for the routine stuff so you can actually sleep on Sunday night.

Then it just runs

We scan every day, as often as hourly on Scale. When something changes that shouldn't have, you get a Teams message with what changed, who changed it, and a one-click fix.

New Global Admin appears at 2am → Teams message at 2:15am
Someone turns off Conditional Access → auto re-enabled within the hour
Guest account inactive for 90 days → flagged with the project it came from

The goal: you stop being the person who failed to catch the thing. The tenant just stays tidy on its own.

Free Tool

Not sure where you stand?

Take our free M365 Security Assessment. Answer 12 quick questions and get your security grade instantly. No account or tenant access required.

2 minutes to complete
No tenant access needed
Instant security grade A-F

No signup required

Enterprise Security

Security you can trust

TrueConfig requires privileged access to your Microsoft 365 tenant. We take that responsibility seriously with enterprise-grade security controls.

EU Data Residency

All data stored and processed in Frankfurt, Germany. GDPR compliant by design.

Read-Only by Default

TrueConfig only monitors your configuration. Write access is optional and explicit.

AES-256 Encryption

Data encrypted at rest and in transit. Per-organization encryption keys.

SOC 2 Type II

Independent security audit in progress. Expected Q3 2026.

Find out what's drifted before someone else does.

5 minutes to connect, read-only. A first scan tends to surface things you didn't know about: stale admins, disabled policies, forgotten guests. No credit card required.