How do I collect from Microsoft Office 365?

The Nanitor Microsoft Office 365 benchmark supports the Microsoft Office 365 cloud through the Nanitor Collector.

Prerequisites

To collect information from Microsoft Office 365, the Nanitor Collector requires access through an application created in Microsoft Azure.
If any further information is required, refer to this page

  1. Sign into the Azure portal: https://portal.azure.com
  2. Select Azure Active Directory -> App registrations -> New registration
    1. Input a name of your choice. 

    2. Under “Supported account types”, select “Accounts in any organizational directory (Any Azure AD directory - Multitenant)
  3. Once the application has been registered, adjust the API permissions. Head to API Premissions -> Add a premission -> Microsoft Graph.
    1. Choose Application permissions 
    2. Select SecurityEvents -> SecurityEvents.Read.All