Know where your Microsoft 365 tenant stands —
against Cyber Essentials v3.3, in ten minutes.
Tenant MOT plugs into your Microsoft 365 / Entra tenant via read-only admin consent, runs a battery of checks against the Cyber Essentials v3.3 control set, and sends you a colour-coded readiness report with a fix-it list. No agents, no installs, no permanent access.
v3.3 (effective 26 April 2026) makes one thing explicit: cloud services cannot be excluded from CE scope. That means every CE applicant on Microsoft 365 needs a posture for it. We give you that posture.
Read-only access · Disconnect at any time · No credit card
A real CE v3.3 gap analysis
Not a self-attestation form — actual telemetry pulled from Microsoft Graph and mapped onto the Cyber Essentials v3.3 control set with direct quotes from the spec.
Read-only by design
Tier-1 access uses application permissions with no write capability. We can't change anything in your tenant; we only read configuration and identity signals.
Action-ready findings
Each gap comes with a plain-English explanation, the relevant CE control reference, and where applicable a copy-paste PowerShell snippet to remediate.
Ready to find out where you stand?
Connect your tenant once. We send the report to the email you sign up with.