It would add a lot of value to have these items adjusted or added to the initial assessment report for Microsoft 365/EntraID tenants.

CHANGES

-Currently the list of application permissions does not name the apps in question

-Currently the links in the report all go back to the Huntress portal which we do not allow end users to access

-Currently the "example" mailbox rules and suspicious login events verbiage is not immediately clear- it reads like there was an actual event

ADDITIONS

-Show us users with GA permissions or other admin roles

-Show us MFA details or at least counts of yes/no

-Show if there are there Power Automate Workflows to reset passwords/MFA/setup new MFA auth methods

-Show us whether enterprise app approval restrictions are in place

-Show SharePoint/Teams external sharing setting

-Show whether the M365 tenant allows new admin roles to be assigned without approval by an existing admin