A Microsoft 365 security assessment is valuable, however governance aspects identified through and audit are just as important — JML, Ops Support & IR.

Microsoft 365 security failures are often blamed on a missing control, or feature, these matter, but they are rarely the root cause - the lack of governance is!

Microsoft 365 is frequently described as an “ISO 27001–aligned platform”. In isolation, that statement is not incorrect. However...

Metis Security delivers professional penetration testing that combines infrastructure and web application testing (a Pen Test) to identify real-world risk.

External sharing is one of Microsoft 365’s greatest strengths — and one of its most misunderstood risks. This article discuses how to reduce your exposure.

The majority of Microsoft 365 compromises exploit well-known, repeatable misconfigurations that have existed quietly for months or years.

Many organisations believe that because they have Microsoft Defender licensed, they are “covered”. This assumption is very dangerous.

A large number of Microsoft 365 tenants remain insecure — because security is often assumed, misunderstood, or allowed to drift.

Traditional perimeter security assumed that if you protected the network, you protected the organisation. Microsoft 365 has rendered that model obsolete.

In today's digital landscape, where businesses increasingly rely on cloud services to drive innovation and efficiency, ensuring robust cybersecurity measures is paramount. As organisations embrace the transformative potential of the cloud, they must also address the evolving challenges of securing their digital assets and sensitive data from malicious threats. At the forefront of cloud security...