PowerShell security reporting framework for Microsoft 365 identity posture assessment. Analyzes Authentication Context, PIM, Conditional Access & more.

CA-PowerToys is a set of tools to help you manage Conditional Access policies. It is a command line tool that can be used to export, import, and clean up Conditional Access policies and associated Groups, helping to implement a Policy-as-Code approach.

Tools to help implement Conditional Access Policies in Azure AD

This solution is designed for an Azure Runbook to assign users to two Entra ID (AzureAD) groups based on their MFA capability (capable / non-capable).

Sign-in a user with the Microsoft Identity Platform and call an ASP.NET web API that calls a downstream Web API with Conditional Access

Een leuk framework voor Conditional Access. In mijn Blogs kan je mijn beredenering volgen en een stukje instructie.🥰

You wonder how to manage your travelers ? In this scenario we describe how to manage them with Identity Governance and Conditional Access.

Contains Entra Related PowerShell Scripts and Entra Related KQL for Logs in Log Analytics

Sample on how to get Conditional Access Policies and Network Settings using API

An interactive powershell script for Azure/Entra. Creates a set of conditional access policies that will provide improved security over Microsoft's "Security Defaults". This script is primarily for less mature orgs that are perhaps still using Microsofts "Security Defaults" or only have very basic conditional access policies in place.

Sample policies to implement a Zero Trust User Access strategy using Entra ID Conditional Access

Deployment of Zero Trust, persona-based Azure AD Conditional Access Policies via Microsoft Graph, utilizing PowerShell.

Simulate Microsoft Entra Conditional Access policy evaluation

Enterprise-grade deployment framework for Maester - Automated Microsoft 365 security testing with compliance mapping, remediation engine, and multi-platform support (vSphere, Azure, AWS, GCP)

Enterprise-grade Entra ID security automation - from zero to hardened in 3 phases

PowerShell script to export Microsoft Entra ID Conditional Access policies to dynamic HTML.

PowerShell-only Microsoft 365 tenant baseline reporter using Microsoft Graph. Generates JSON + HTML posture outputs.

This project configures Entra Private Access to securely route traffic to an internal line-of-business (LOB) application without exposing it to the internet.

Enterprise Zero Trust Conditional Access architecture implemented in Microsoft Entra ID. Demonstrates phishing resistant MFA, device compliance enforcement, risk based authentication, and staged policy deployment validated through sign in logs.

Hands on lab implementing MFA enforcement using Microsoft Entra ID Conditional Access with policy validation through sign in log analysis.