The M365 Security Assessment That Used to Take a Week Now Takes Minutes
TL;DR
- A Microsoft 365 security assessment that traditionally takes hundreds of man-hours can run automatically in minutes once a tenant is connected to CloudCapsule.
- As of December 2024, CloudCapsule automates more than 70 mappings to the CIS Controls, each with collected evidence, remediation steps, and end-user notification templates.
- Third-party tool attestations and assumed-risk selections fill the gaps Secure Score ignores, so assessments reflect the whole security stack, not just Microsoft's slice.
- White-labeled executive summaries replace the 4 to 6 manual hours per client MSPs typically spend building security report collateral.
- One portal surfaces findings like excessive privileged users and MFA coverage gaps that otherwise require checking six admin centers per tenant.
Most Microsoft 365 security work is reactive. A ticket lands, a setting changes, a renewal demands evidence, and someone spends a weekend exporting screenshots from admin portals. We built CloudCapsule to flip that: a security assessment that runs in minutes, maps to a trusted standard, and produces something you can put in front of a client the same day.
Why do security assessments still eat hundreds of hours?
We talk to a lot of MSPs and internal IT teams. Maturity varies wildly, but the same three complaints come up almost every time:
- Security feels ad hoc, and everyone is hunting for standardization. Many teams follow Secure Score, but it does not feel like it maps to best practices or compliance standards.
- Security assessments take hundreds of man-hours and do not scale, especially with Microsoft rearranging its portals all the time.
- Tools promising "one-click resolution" do not survive contact with end users. Flipping settings without visibility causes disruption. What teams actually need is a clear, continuous improvement plan they can articulate to customers.
Every one of those is a visibility problem before it is a tooling problem. Here is how CloudCapsule addresses them.
Connect a tenant, get an executive summary in minutes
Today, collecting the data for a single customer assessment can be a hundred-hour project, whether at onboarding or as part of a quarterly or bi-annual review.
With CloudCapsule, you connect a tenant and within seconds data starts streaming back to the portal, topped with an executive summary of the findings.

CIS mappings with evidence, not just a score
A hardening checklist or a Secure Score number rarely tells you what matters most. Aligning to a compliance standard like CIS or NIST CSF gives your cyber hygiene a level of guidance a checklist cannot, and it protects your scarcest resource, which is time.
As of December 2024, CloudCapsule automates more than 70 mappings to the CIS Controls. Each mapping shows the evidence collected, remediation steps, and end-user notification templates. That last part matters: before turning on a security setting, you can clearly communicate its impact, both to avoid disruption and to help the customer understand the why. That is what one-click resolution tools skip.

What about the controls Microsoft cannot see?
Secure Score has a blind spot: nobody fulfills every security control with Microsoft solutions alone. Third-party backup and security awareness training are the classic examples, and tracking them usually happens in spreadsheets, manually, badly.
CloudCapsule lets you augment the assessment with attestations for the third-party tools you already run. Cyber insurance essentials reporting is a great use case: the controls your other tools satisfy get recorded alongside the Microsoft findings, and annotations persist across assessment refreshes.
You can also mark assumed risk on individual controls, so accepted risks are recorded and reviewed over time instead of living in someone's memory. The result is an assessment that is complete enough to review with a customer, not just a Microsoft-shaped slice of one.

Your brand on the portal and the report
Security conversations with customers go better with proper collateral. CloudCapsule white-labels the platform with your branding, so you can walk a customer through findings live in the portal or hand over a generated summary that looks like it came from your shop, because it did.

The executive summary, without the 4 to 6 hours
Every company has an executive or board member who wants the quick snapshot: how healthy is the tenant, what is red, and what are we doing about it. CloudCapsule generates that report instantly, branded, with the top-level findings from the latest assessment. Before CloudCapsule, MSPs told us assembling that report took roughly 4 to 6 manual hours per client.

One portal instead of six
Beyond the baseline mappings, CloudCapsule collects hundreds of additional data points so you stop tab-hopping across six admin portals per client. Excessive privileged users, accounts not covered by MFA, and similar findings surface in one place.


The audit that used to eat a consultant's whole week now runs while you grab coffee. What you do with the reclaimed time, preventative work, customer conversations, actual remediation, is the point.
Frequently asked questions
How is this different from Microsoft Secure Score?
Secure Score only sees Microsoft solutions and offers little sense of priority or compliance alignment. CloudCapsule maps findings to standards like CIS, shows the evidence behind each result, and lets you attest controls fulfilled by third-party tools such as backup or security awareness training.
Does the assessment work on every tenant?
It works against production Microsoft 365 tenants. It does not run against M365 developer tenants.
Can clients see the report under our brand?
Yes. The portal and the generated executive summary both carry your branding, so you can walk a customer through findings or hand over a report without CloudCapsule in the frame.
See your first tenant's posture in minutes
Connect a tenant and get a CIS-mapped assessment with evidence, remediation steps, and an executive summary you can put in front of a client. The first scan is free.
Run a free assessment
Written by
Nick Ross
CEO · Microsoft MVP · Founder, T-Minus 365
Nick is not just a CEO, he's a respected thought leader and influencer in the MSP space. Tens of thousands of MSPs learn through his YouTube channel, T-Minus365. Nick has been honored as a three-time Microsoft MVP for his educational content; his expertise and influence are the backbone of our mission, ensuring that you are in the best hands when it comes to security.
Nick joined Pax8 in 2017, where he would ultimately oversee product management for PSA and Microsoft integrations. Following his tenure at Pax8, Nick has continued to demonstrate his leadership prowess as an executive at various MSPs, culminating in his most recent role at Sourcepass.
Nick holds a Bachelor's Degree in Business Management from Florida State University, as well as a Minor Degree in Entrepreneurship. In his free time, Nick is an avid hiker, reader, and fitness-junkie.


