In the last article, we discussed how to secure our Active Directory. Now, it’s time to talk about how we can secure our Microsoft 365 tenant in the cloud.
Maester | Maester
Your Microsoft Security test automation framework!maester.dev
We are going to talk about Maester. Maester is a Microsoft Security test automation framework which comes with a collection of ready to use tests to help you get started with validating your tenant’s security configuration.
You can configure these tests to run periodically to gain insight into the evolution of your tenant’s security.
So, before using it, we need to install it by running the following commands:
Install-Module Pester -SkipPublisherCheck -Force -Scope CurrentUser
Install-Module Maester -Scope CurrentUser
md maester-tests
cd maester-tests
Install-MaesterTests
After that we have to sign to M365 tenant and run the tests.
Connect-Maester
Invoke-Maester
You’ll need to grant the app permissions for the tests. After you accept, it will begin executing the tests.
After the tests are completed, a report will automatically open, displaying the results in a clear way.
We can filter the results to show only the tests we failed. As you can see, there are many default settings.
To address each issue, we simply need to click on it, and we’ll receive information about the recommended solution.
These are recommended settings to make your cloud tenant more secure, but you need to analyze if they align with your company’s needs and ensure they don’t hinder your employees’ ability to work.