EntraGuard

Continuous auditing for Microsoft 365 & Entra ID.

EntraGuard analyses your Microsoft 365 and Microsoft Entra ID environment to detect attack paths, dangerous permissions and configuration weaknesses. Security scoring, Neo4j graph explorer, contextual remediation tutorials — deployable via Docker, 100% on-premise.

Linux, macOS, Windows (WSL2), Docker | Python, FastAPI, Celery, React 18, Neo4j, PostgreSQL, Redis

8: Graph collectors
A-F: Per-category scoring
Neo4j: Graph attack paths
100%: On-premise

Features

Everything you need

Comprehensive security auditing with built-in best practices.

🌐

8 Microsoft Graph collectors

Users, Groups, Directory Roles, Applications, Service Principals, Conditional Access Policies, Devices, Admin Units. Full or incremental (delta) mode.

🛡️

Scoring & A-F grading

Global score out of 100 and per-category scores, each with A-F grading. Covers stale accounts, dangerous permissions, Conditional Access gaps, PIM misconfigurations and attack paths.

🐛

Attack Path Analysis

Attack path detection via Neo4j graph queries: paths to Global Admin, privilege escalation, MFA and risk context enrichment.

📱

Graph Explorer

Interactive Entra ID graph visualisation: nodes, edges, search, neighbours, shortest paths between two entities.

🔒

MITRE ATT&CK mapping

Each finding is mapped to relevant MITRE ATT&CK techniques, with severity, evidence and actionable recommendation.

🔧

Remediation Tutorials

Step-by-step contextual tutorials per finding, sorted by impact. Ready-to-run PowerShell scripts where applicable.

⚙️

Built-in scheduling

Scheduled scans (daily, weekly or monthly) via Celery Beat. Smart rate limiting with exponential retry on HTTP 429/503 responses.

📄

Score Diff & trends

Comparison between audit runs: global and per-category score delta, new/resolved/changed findings, frontend trend chart.

📄

Multi-format reports

Export to JSON, PDF, HTML and Markdown. Jinja2 template: executive summary, findings by severity, category scores, attack paths, recommendations.

🐛

Notifications

Email (SMTP/TLS), Slack, HTTP Webhook with HMAC-SHA256 signature. Events: scan complete, score drop, critical finding.

📱

Export API (Enterprise)

Authenticated ega_ API keys. /findings, /scores, /audit-runs endpoints for SIEM (Splunk, Sentinel, Elastic) and ticketing (Jira, ServiceNow).

🔒

Multi-tenant (Enterprise)

Up to 10 Entra ID tenants from a single instance. Fernet-encrypted credentials, Azure Key Vault or environment variables.

Installation

Install EntraGuard

A single command. Docker support included.

$ curl -sL https://install.coderaft.io/entraguard | bash
Docker only | One-command install | 100% on-premise

Ready to secure your environment?

Free trial of EntraGuard for 14 days. No credit card required.