Security reports and Access control reports

spiceuser-eb69 · 2025-02-06T19:24:35.650Z

Dear All,

On daily basis , I need to produce repports to my manager for monitoring changes in security groups , access control and evaluate security risks
From Active directory , exchange online and MS365.
He doesnt want a third party tool to fecth all this information.

Could someone share the list of daily controls in AD , Exchange online, MS365 and how to downlaod them .

Thank you

tb33t · 2025-02-06T22:01:13.055Z

I would highly recommend a 3rd party for this, but if you absolutely need you can create reports via PowerShell.

Rod-IT · 2025-02-06T22:33:01.820Z

spiceuser-eb69:

I need to produce repports to my manager for monitoring changes in security groups

If this is not being audited you wont get this information, you would have to compare yesterdays users to todays.

As above though, you really want a SIEM, running this daily is going to be monotonous, you really just want a dashboard they can go to and get the stats they want.

Microsoft Sentinel isn’t 3rd party, but it’s also not cheap.

spiceuser-eb69:

Could someone share the list of daily controls in AD , Exchange online, MS365

What do you mean by controls?

What are they looking for?

Setup a SIEM and set it to alert on changes, they wont nee a report, they will be emailed when a group is modified.

My home lab alerts me by email immediately if specific groups are modified, namely DA and EA groups.

Depending on the data you are reading in, a SIEM will need a vast amount of space and some large compute.