Microsoft-Secure-Score-Assessment-Toolkit

2.3.0

A powerful PowerShell toolkit for assessing Microsoft 365 security posture through the Microsoft Secure Score API. Generate comprehensive, interactive HTML reports with 400+ security controls directly from Microsoft Graph API. Features include real-time data fetching, interactive filtering, floating action buttons, and direct links to configuration portals. Perfect fo

Minimum PowerShell version

5.1

Installation Options

Copy and Paste the following command to install this package using PowerShellGet More Info

Install-Module -Name Microsoft-Secure-Score-Assessment-Toolkit

Copy and Paste the following command to install this package using Microsoft.PowerShell.PSResourceGet More Info

Install-PSResource -Name Microsoft-Secure-Score-Assessment-Toolkit

You can deploy this package directly to Azure Automation. Note that deploying packages with dependencies will deploy all the dependencies to Azure Automation. Learn More

Manually download the .nupkg file to your system's default download location. Note that the file won't be unpacked, and won't include any dependencies. Learn More

Owners

Mohammedsiddiqui

Copyright

Package Details

Author(s)

Mohammed Siddiqui

Release Notes

v2.3.0 Security Hardening, Performance Fixes, and Portal URL Modernization

BUG FIXES
- Fixed composable filter system: status + risk + search filters now work together
- Added "All" reset button to risk filter group
- Fixed progress bar counting excluded controls incorrectly
- Fixed Get-OrganizationInfo not handling array return from API
- Fixed 2 GitHub controls silently dropped due to non-HTTP ActionUrl validation
- Non-standard ActionUrls now fall back to portal keyword match instead of rejecting the control

PERFORMANCE
- Replaced string concatenation with StringBuilder in HTML report generation
- Replaced O(n*m) nested loop with O(1) hashtable lookup for URL mappings
- Async Google Fonts loading prevents render-blocking in offline environments

SECURITY
- Removed dangerous auto-install with -Force -AllowClobber (supply chain risk)
- Prevented sovereign cloud URLs from being rewritten to commercial domains
- Replaced empty catch block with diagnostic logging

PORTAL URL MODERNIZATION
- Migrated all compliance.microsoft.com URLs to purview.microsoft.com (retired late 2024)
- Added URL rewrite rule to auto-correct API-returned compliance.microsoft.com URLs
- Added 6 new control-to-portal URL mappings (71 total), eliminating all docs-only URLs
- Added "Purview" keyword to compliance fallback rule

MODULE QUALITY
- Declared RequiredModules in manifest (Microsoft.Graph SDK >= 2.28.0)
- Cross-platform paths via Join-Path throughout module loader
- Clean up all module state in Disconnect finally block
- Get-MicrosoftSecureScoreInfo returns PSCustomObject for programmatic access
- Force array context with @() on API collection returns
- Added -ErrorAction to all critical cmdlet calls

Full changelog at https://github.com/mohammedsiddiqui6872/Microsoft-Secure-Score-Assessment-Toolkit/blob/main/CHANGELOG.md

FileList

Microsoft-Secure-Score-Assessment-Toolkit.nuspec
CHANGELOG.md
Microsoft-Secure-Score-Assessment-Toolkit.psd1
Microsoft-Secure-Score-Assessment-Toolkit.psm1
powershellnerdlogo.png
README.md
SecureScore-Report-20260224-200714.html
SecureScore-Report-20260224-201119.html
SecureScore-Report-20260224-201617.html
Config\control-mappings.json
Core\GraphApiClient.ps1
Core\Logger.ps1
Core\Models.ps1
Processors\ComplianceProcessor.ps1
Processors\UrlProcessor.ps1
Reports\HtmlReportGenerator.ps1
Templates\report-modern-template.html

Version History

Version	Downloads	Last updated
2.3.0 (current version)	0	2/25/2026
2.2.1	25	2/22/2026
2.2.0	7	2/22/2026
2.1.0	55	2/1/2026
2.0.2	244	12/9/2025