
Cloud & Microsoft 365 Security Testing

Reveal misconfigurations and identity paths in Azure, AWS, and Microsoft 365 before attackers do.

Identity and configuration are the new perimeter

Cloud platforms and Microsoft 365 concentrate data and identity in a way that traditional infrastructure never did. Misconfigurations, overly permissive roles, and weak access controls can provide attackers with direct routes to mailboxes, files, and critical services.

Cyber Defence’s cloud and M365 tests focus on how identities, roles, policies, and configurations combine to create or prevent attack paths.

Platforms

Platforms we commonly assess

We tailor each engagement to your actual cloud usage and roadmap.

Microsoft 365 & Azure AD

Exchange Online, SharePoint, OneDrive, Teams, Azure AD identities, conditional access, and related services.

Azure

Subscriptions, resource groups, networking, storage, compute, Key Vault, and identity / role assignments.

AWS

IAM policies, EC2, S3, RDS, networking, and management plane access.

Hybrid identity

Interactions between on-premises AD, Azure AD, and cloud services, including synchronisation and SSO.

Focus areas

What we look for

We focus on realistic identity and configuration abuse, not only checklist misconfigurations.

Overly permissive roles and policies

Identifying users, groups, and service principals with excessive privileges.

Weak authentication and access

Assessing MFA, conditional access, and legacy protocols for weaknesses and bypass opportunities.

Data access and sharing

Reviewing file and mailbox sharing, guest access, and external collaboration settings.

Management plane exposure

Testing how management portals and APIs could be abused if credentials or tokens are compromised.

Logging and monitoring gaps

Highlighting where activity is not logged effectively, hindering detection and response.

Privilege escalation paths

Mapping how combinations of roles and misconfigurations could be used to gain higher privileges.

Bring your cloud posture in line with your expectations

We will review your cloud and Microsoft 365 estates in the context of how your organisation actually uses them, and provide clear, prioritised remediation guidance.