boltAssess by Alif

Every Microsoft 365 tenant,
assessed in minutes.

Connect a tenant, run a read-only assessment, and walk away with an AI-written, brand-ready security report — identities, devices, mail, SharePoint, Secure Score and more.

rocket_launchRequest a walk-throughplay_circleTake the tour
dashboard

Whole-tenant dashboard

Identities, licences, compliant endpoints, active risks and Secure Score for every tenant — live, on one screen.

radar

Posture radar

Control-by-control posture mapped from your real tenant state, scored and visualised at a glance.

neurology

AI-drafted findings

GPT-4 writes the executive summary, key findings and remediation — you review and approve.

description

Branded reports

One-click PDF and Excel reports, white-labelled with your brand, ready to hand to the client.

shield_person

Risky-user watch

Put a watch on any user; every sign-in and audit event is tracked with a plain-English alert.

lock

Read-only & API-only

Application permissions, consented per customer. No certs, no standing access, no tenant changes.

Part 1 — Assess

See exactly where a tenant stands.

F.01Tenant inventory

All your tenants in one dashboard.

Sign in and see every customer tenant's secure score side-by-side. Add new ones with a domain or tenant ID. Consent verifies in real time before the first sync runs.

  • task_altAdd tenant by domain or tenant ID
  • task_altConsent verified before sync starts
  • task_altStatus chips — Secure / Review / At risk
  • task_altSync all tenants in one click
assess.alifconnect.io / Tenants
Tenants
9
connected
Avg score
74%
secure
At risk
2
review
check_circleContoso Ltd82% · Secure
chevron_rightFabrikam Inc61% · Review
check_circleNorthwind Trading88% · Secure
F.02Posture dashboard

One tenant, nine focused views.

Switch between Dashboard, Users, Devices, Email, Data, Policies, Apps, Licenses and Baselines — each tab a different angle on the same assessment. No re-fetching, no waiting.

  • task_altMicrosoft Secure Score + Alif posture score
  • task_altAI findings prioritised by impact
  • task_altTile grids drill into detailed tables
  • task_altEvery view from one fetch
assess.alifconnect.io / Dashboard
Secure Score
78.7%
315/400
Alif posture
B+
good
Findings
14
3 high
DashboardUsersDevicesEmailDataPoliciesAppsLicensesBaselines
F.03Framework radar

Compare against 9 compliance frameworks.

Click a framework — CIS, NIST, ISO 27001, Essential 8, and more — to see your tenant scored against it instantly. The dashed ring is the 70% target. Anything outside it needs work.

  • task_altCIS, NIST, ISO 27001, Essential 8 & more
  • task_altPer-control scoring from real state
  • task_altOverall score animates as you switch
  • task_altTarget line at 70%
assess.alifconnect.io / Frameworks
CIS v8NIST CSFISO 27001Essential 8CMMCPCI DSSSOC 2HIPAAGDPR
Scored 71% against CIS v8 — just above the 70% target ring. Pick another framework to re-score instantly.
F.04Admin deep-dive

Audit every privileged admin.

Click any admin to see job title, department, MFA method, risk score, last sign-in, and full licence list — pulled live from Microsoft Graph. The fastest way to answer “is this admin still safe?”

  • task_altIdentity signals — MFA, risk, status
  • task_altProfile context — title, department, UPN
  • task_altFull licence list — not just a count
  • task_altBreak-glass detection + last sign-in age
assess.alifconnect.io / Admins
check_circleSarah Chen — Global AdminMFA: FIDO2
check_circleJames Patel — Exchange AdminMFA: app
chevron_rightbreakglass-01MFA: none
F.05AI-drafted findings

Every finding explains itself.

We don't just flag the issue — AI writes a plain-English paragraph explaining the risk, who it affects, and how to fix it. All grounded in your real tenant state. Edit before you export.

  • task_altSeverity mapped to CVSS-style bands
  • task_altCross-references multiple frameworks
  • task_altCopy to clipboard or rewrite with AI
  • task_altExecutive-summary generator included
assess.alifconnect.io / Findings
HIGH · Two break-glass accounts inherit the tenant-wide MFA Conditional Access policy. During a documented Entra MFA outage they would be locked out — defeating the purpose of break-glass. Exclude both from the policy.
F.06Reports & exports

Two reports, one click.

A branded PDF for the boardroom and a full Excel workbook for the engineer. Same assessment, two formats — exported in seconds.

  • task_altBranded PDF with your logo and colour
  • task_altExcel — one sheet per data view
  • task_altGenerated in under 30 seconds
  • task_altEvery chart embedded, not linked
assess.alifconnect.io / Reports
check_circleBranded PDF — boardroomDownload
check_circleExcel workbook — engineerDownload
Same assessment, two formats. Charts embedded, ready to hand over.
F.07White-label

White-label everything as yours.

Your customers never need to know you use Alif. Swap the name, logo, tagline and accent colour — every report, email, and URL shows your brand.

  • task_altRename it — the preview updates live
  • task_altPick a brand colour — everything re-themes
  • task_altUpload a logo to replace the mark
  • task_altApplied to PDF and portal
assess.alifconnect.io / Branding
Brand
Acme
yours
Accent
#2563EB
themed
Logo
Uploaded
live
Branding flows through the portal, PDF reports and emails. Customers see your name, not ours.
F.08Multi-tenant console

Built for MSPs managing many tenants.

Every customer in one console. Schedule automatic syncs, compare scores side-by-side, and catch security drops the week they happen.

  • task_altUnlimited tenants per workspace
  • task_altEach user keeps their own shortlist
  • task_altScheduled re-syncs (weekly / monthly)
  • task_altScore-drift alerts — email / Slack / Teams
assess.alifconnect.io / Workspace
Tenants
Unlimited
per seat
Auto-sync
Weekly
scheduled
Drift alerts
On
email
F.09Security model

Read-only. Revocable. Stays in your region.

We request only read permissions. Your data never leaves the Azure region you signed up in. Remove a tenant and our app is auto-removed from your directory — no extra steps.

  • task_altRead-only Graph scopes only
  • task_altData stays in your Azure region
  • task_altPer-customer consent, app-only
  • task_altRemove tenant → enterprise app auto-removed
assess.alifconnect.io / Security
check_circleRead-only Graph scopesEnforced
check_circleData residencyCentral India
check_circleRemove tenant → app removedAutomatic
Part 2 — Manage by Alif

Now fix what we found.

M.01One console, every portal

9 Microsoft portals replaced by 1.

Manage every Microsoft 365 setting from Alif. Stop tab-hopping between Entra, Exchange, Teams, SharePoint, Intune, Defender, and Compliance — they're all in one place here.

  • task_altSingle sign-on with your admin identity
  • task_altNo context-switching between tabs
  • task_altOne search box across every surface
  • task_altOne permission model, one audit trail
manage.alifconnect.io / Portals
Entra IDExchangeTeamsSharePointOneDriveIntuneDefenderCompliancePurview
M.02Command center
The whole tenant on one screen.

The left-nav is live — switch modules to see how every surface lands in one console.

manage.alifconnect.io / Dashboard
groupIdentities
2,847
412 guests · 18 admins
verifiedLicences
1,923/2,100
91% utilisation
devicesEndpoints
1,456
82% compliant
warningRisks
12
8 failing · 4 warn
check_circleConditional Access enforced8 / 11
check_circleNo disabled users with licences0 found
cancelPhishing-resistant MFA for GANot set
M.03Identity lifecycle

Onboard and offboard in one click.

Pick a user, pick a template, hit Schedule. Manage runs the full playbook — joiner (create, license, provision, welcome) or leaver (rename, revoke, reclaim, hide from GAL). Every step logged.

  • task_altRole-specific checklist templates
  • task_altSchedule overnight or run now
  • task_altLive log streams each Graph call
  • task_altFailures captured — retry in one click
manage.alifconnect.io / Lifecycle
check_circleCreate + licence + provisionJoiner
check_circleRename + revoke + reclaimLeaver
check_circleHide from GALLeaver
M.04Workflow automation

Automate the response. Save your night.

Set triggers, conditions, and actions once — Manage runs them every night. Catch dormant users, stale guests, admin-role changes, unused licences, and anything else you can wire up.

  • task_altLow-code builder — no scripts
  • task_altRun-history with matched counts
  • task_altAI-suggested workflows from your posture
  • task_altEnable / disable with one toggle
manage.alifconnect.io / Workflows
check_circleDisable dormant users (90d+)Nightly · 12 matched
check_circleRemove stale guestsWeekly · 4 matched
check_circleAlert on admin-role changeRealtime
M.05Score boost

Quick wins, ranked by impact.

Every Secure Score recommendation, sorted by points-per-hour. Click Deploy — Manage applies the fix via Graph. No PowerShell. No portal trip. Watch your score climb in real time.

  • task_altRanked by points / effort ratio
  • task_altOne-click deploy for 80% of controls
  • task_altTrack Applied / In discussion / N/A
  • task_altScore updates within an hour
manage.alifconnect.io / ScoreBoost
chevron_rightBlock legacy authentication+8 pts · Deploy
chevron_rightRequire MFA for admins+6 pts · Deploy
check_circleEnable Safe Links+4 pts · Applied
M.06External sharing control

See every externally shared file.

Every doc, folder, and site shared outside your org — named guest or anonymous link — in one table. Filter by risk, see the evidence, revoke or delete in one click. No PowerShell, no ticket.

  • task_altNamed guests and anonymous links
  • task_altAuto-ranked by risk
  • task_altStop sharing or delete — both audited
  • task_altBulk action on filtered results
manage.alifconnect.io / Sharing
chevron_rightQ4-Forecast.xlsx — anonymous linkRevoke
chevron_rightBoard-deck.pptx — guest@acmeReview
check_circleBrand-assets/ — existing guestsOK
M.07Policy replication

Apply your baseline to every tenant.

Pick the policies from your gold-standard tenant, pick the customers to apply them to, and Alif rolls them out. Conditional Access, DLP, mail-flow rules, retention — every customer aligned in one move.

  • task_altOne source-of-truth tenant, N targets
  • task_altPreview diff before deploying
  • task_altOne-click rollback if a tenant fails
  • task_altPer-tenant exclusions for exceptions
manage.alifconnect.io / Replicate
Source
Contoso
gold
Policies
5
selected
Targets
4
tenants
Conditional Access, DLP, mail-flow and retention rolled out to 4 customers in one move — diff preview and one-click rollback included.
M.08Observation & AI alerts
Watch risky users in plain English.

Pick a watched user — each fires its own incident with a GPT-4 remediation plan.

manage.alifconnect.io / DataGovernance / Observation
Watched users 3
High
7 failed sign-ins from unfamiliar region
14:22 UTC
14:22:15john.t sign-in · failed · 103.29.14.200 (IN)
14:22:41john.t sign-in · failed · 103.29.14.200 (IN)
14:23:02john.t sign-in · failed · 103.29.14.200 (IN)
AIRemediation plan · GPT-4

Summary: User john.townsend@contoso.com triggered 7 failed sign-in attempts from India between 14:22 and 14:41 UTC, outside their normal sign-in pattern (previously always US-West).

1Check with the user — are they travelling?
2If not, force password reset and revoke sessions.
3Review mailbox rules for recent forwarding.
4Confirm legacy auth is blocked for this account.
M.09Audit log

Full audit trail. Forever.

Every change made through Manage — user onboarded, policy deployed, licence reclaimed, alert dismissed — captured in an immutable log. Filter, export, and hand to your auditor in seconds.

  • task_altEvery Manage action — no gaps
  • task_altDistinguishes human, workflow, system
  • task_altImmutable — append-only
  • task_altExport CSV / JSON · retain up to 7 years
manage.alifconnect.io / Audit
check_circlepolicy.deployed — CA: Require MFAadmin · 14:02
check_circlelicence.reclaimed — 12 seatsworkflow · 02:00
check_circlealert.dismissed — risky useradmin · 09:41
Immutable and append-only. Export CSV / JSON, retain up to 7 years.
paymentsSimple pricing

Pick a plan. Cancel anytime.

No hidden fees. No surprise bills. Switch tiers or cancel any time.

Assess
$150/ month

Read-only security posture assessments. Perfect for audits, M&A diligence, and quarterly reviews.

  • check_circleFull 9-view security dashboard
  • check_circle9 framework mappings (CIS, NIST, ISO, more)
  • check_circleAI-written findings with the why & the fix
  • check_circleBranded PDF + Excel reports, unlimited
  • check_circleWhite-label for MSPs
  • check_circleGDAP customer auto-discovery
  • removeRead-only — no remediation
  • removeNo automation engine
credit_cardGet started
starMost popular
Assess + Manage
$399/ month

Find it and fix it. Full assessment plus the operations console — onboarding, automation, baselines, and quick wins.

  • check_circleEverything in Assess, plus:
  • check_circleOne-click fixes via Microsoft Graph
  • check_circleJoiner / mover / leaver playbooks
  • check_circleAutomation engine (if-this-then-that)
  • check_circleBaseline propagation across tenants
  • check_circleExternal-sharing & risky-user watchlists
  • check_circleImmutable audit log, exportable
  • check_circlePriority support & onboarding call
credit_cardGet started
handshakeReady when you are

Ready to try it on your tenant?

A 30-minute walk-through with an Alif engineer on your real tenant, under a read-only trial. Leave with a sample report.

We'll reach out within one business day. We only use your email to follow up.