Threat Landscape Assessment

Know Your Risks.
Before Attackers Do.

A continuous, in-depth assessment of your Microsoft 365 security posture — covering identity, email, devices, data, applications, and more. Updated on your schedule. Delivered through your secure client portal.

View Plans & Pricing What's Included
17+
Security domains checked
14+
MS Certifications
100%
Microsoft Graph powered
LIVE ASSESSMENT Monitoring Active
Current Security Posture
🔐 Admins Without MFA 3 Found
📦 High-Risk Apps 7 Apps
🔗 Anonymous Links 42 Active
🕵️ Breach Records 128 Records
🛡️ Secure Score 61%
Last scan: 2 hours ago View Full Report →
What's Assessed

Every Corner of Your
Microsoft 365 Environment

Our assessment covers 17+ security domains using the Microsoft Graph API — giving you real, live data from your actual tenant, not estimates or benchmarks.

🔐
Identity & Access
MFA status, sign-in activity maps, privileged role assignments, PIM eligibility, Conditional Access policy audit, guest accounts, stale accounts.
✉️
Email Security
SPF, DKIM, and DMARC records queried live via DNS — not just Microsoft-managed records. Coverage across all verified domains.
💼
Data Security
Anonymous sharing links, sensitive keyword file detection in SharePoint & OneDrive, sharing capability settings per site and tenant-wide.
🖥️
Endpoint Security
Full device inventory, compliance status, MDM enrollment, Entra ID join types, device ownership breakdown — from Microsoft Intune.
📦
Application Security
Enterprise app permissions risk-scored by type, user consent grants, risky permission detection, and app registration credential expiry tracking.
🛡️
Microsoft Secure Score
Current and maximum score, improvement actions grouped by category, implementation status, and licensing gaps with actionable recommendations.
🕵️
Dark Web Intelligence
Have I Been Pwned breach records cross-referenced against your organization's email accounts — with admin and password breach prioritization.
📊
Trends & History
Compare security posture across assessment dates. Track MFA coverage, high-risk apps, anonymous links, stale accounts, and Secure Score over time.
Transparent Pricing

Choose Your Assessment Plan

Three tiers designed to match your organization's risk profile and budget. All plans include your secure client portal and the full assessment suite.

Monthly
Annual Save 20%
Tier 1
Essentials
Security awareness for growing organizations. Know your baseline.
$99
per month + HST · billed monthly
Monthly Scan
  • Monthly automated assessment
  • Full 17-domain security scan
  • Secure client portal access
  • Executive summary report
  • Identity & MFA status
  • Email security (SPF/DKIM/DMARC)
  • Microsoft Secure Score tracking
  • Data retention: 3 months history
  • Email support (48h response)
  • Dark web breach monitoring
  • Trend comparison reports
  • Dedicated security advisor
Get Started
Most Popular
Tier 2
Professional
Active monitoring for organizations serious about security posture.
$199
per month + HST · billed monthly
Weekly Scans
  • Weekly automated assessments
  • Full 17-domain security scan
  • Secure client portal access
  • Executive + technical reports
  • Dark web breach monitoring
  • Trend comparison reports
  • Week-over-week delta alerts
  • SharePoint keyword scanning
  • Data retention: 12 months history
  • Priority email support (24h)
  • Quarterly advisor check-in call
  • Incident response retainer
Get Started
Tier 3
Enterprise
Continuous coverage with incident response capacity built in.
$249
per month + HST · billed monthly
Daily Scans
  • Daily automated assessments
  • Full 17-domain security scan
  • Secure client portal access
  • Executive + technical reports
  • Dark web breach monitoring
  • Trend comparison reports
  • Real-time drift alerts (new risks)
  • SharePoint keyword scanning
  • Data retention: Unlimited history
  • Dedicated security advisor
  • Monthly strategy review call
  • 4 hrs/mo incident response retainer
Contact Sales

All plans require a one-time onboarding (app registration setup in your tenant). No agents. No software installs. Powered entirely by Microsoft Graph API.
All prices in CAD. HST applies to Ontario clients. Annual billing discounts applied at checkout.

Full Comparison

Plan Features Side by Side

Feature Essentials Professional Enterprise
Scan Frequency
Assessment frequency Monthly Weekly Daily
New-risk drift alerts Weekly digest Real-time
Security Domains
Identity & MFA
Email security (SPF/DKIM/DMARC)
Device compliance & inventory
Enterprise app permissions
Anonymous sharing links
Microsoft Secure Score
Dark web breach monitoring
SharePoint keyword scanning
Reporting & Portal
Secure client portal
Historical trend data 3 months 12 months Unlimited
Date-to-date comparisons
Executive summary report
Technical detail report
CSV export
Support & Advisory
Support channel Email Priority email Dedicated advisor
Response SLA 48 hours 24 hours 4 hours
Advisor check-in calls Quarterly Monthly
Incident response retainer hours 4 hrs/month
Pricing
Monthly billing (CAD + HST) $99/mo $199/mo $249/mo
Annual billing (save 20%) $79/mo $159/mo $199/mo
Common Questions

Frequently Asked Questions

What does the onboarding process look like?
+
Onboarding takes less than 30 minutes. We guide you through registering a read-only application in your Microsoft Entra ID tenant and granting the specific Graph API permissions we need. There is no software to install, no agents to deploy, and no changes made to your environment. We read your tenant's security data — we never write, modify, or delete anything.
What Microsoft 365 licenses do I need?
+
Most of our assessment works with any Microsoft 365 license. However, some features — such as sign-in activity logs and certain identity protection metrics — require Entra ID P1 or P2 (included in Microsoft 365 Business Premium and E3/E5). We'll tell you exactly which sections are available based on your current licensing during onboarding, and flag what you're missing.
Is my data secure? Who can access our assessment results?
+
Your assessment data is isolated per-tenant and accessible only through your password-protected client portal. We use Microsoft Entra ID authentication for portal access — meaning your team signs in with their existing Microsoft 365 accounts. CcureIT staff can access your portal for support purposes, which is disclosed in our service agreement. We do not share your data with third parties.
Can I change plans after signing up?
+
Yes. You can upgrade at any time and the change takes effect immediately. Downgrades take effect at the start of your next billing period. There are no upgrade fees or penalties.
Why daily scans? What changes that fast?
+
Security posture changes constantly — new users are added, app permissions are granted, MFA gets disabled for someone, an app credential expires, a guest account is created with admin rights. For organizations under compliance requirements or those that have previously experienced incidents, catching these changes within 24 hours rather than 30 days is the difference between a near-miss and a breach investigation. Daily scanning is designed for organizations where security is a board-level priority.
What is the incident response retainer on the Enterprise plan?
+
Enterprise clients receive 4 pre-paid hours of incident response work per month, carried out by our security team. This covers activities like investigating suspicious sign-in activity flagged in the portal, assisting with disabling compromised accounts, or helping triage a potential breach. Unused hours do not roll over. Additional hours beyond the retainer are billed at our standard IR rate.
Is there a free trial or a complimentary assessment?
+
Yes — we offer a complimentary one-time Microsoft 365 Security Assessment at no cost. This gives you a complete snapshot of your security posture with no obligation. Many clients use this as a baseline before choosing a subscription plan. Contact us to claim your free assessment.
Ready to Get Started?

Don't Wait for a Breach

Start your Threat Landscape Assessment today. Pick a plan, complete onboarding in under 30 minutes, and have your first report within hours.

Choose a Plan Talk to Us First