Hugging Face's logo

Spaces:
AYI-NEDJIMI
/
m365-security-scorecard
Paused

App Files Community
m365-security-scorecard
File size: 6,362 Bytes
9cbf102
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
# M365 Security Scorecard - File Index

## Project Overview
A comprehensive Microsoft 365 security assessment tool built with Gradio 4.44.0, featuring bilingual interface, real-time scoring, and interactive visualizations.

## Files

### 1. app.py
**Purpose**: Main Gradio application  
**Size**: ~20 KB (420 lines)  
**Status**: SYNTAX VERIFIED - NO ERRORS

**Key Components**:
- `SECURITY_CHECKS` dict: 6 categories with 54 total security checks
- `KQL_HUNTING_QUERIES` list: 5 threat hunting queries for Microsoft Sentinel
- `calculate_scores()`: Real-time score calculation
- `create_radar_chart()`: Plotly radar visualization
- `create_gauge_chart()`: Plotly gauge visualization
- `create_recommendations_html()`: Smart recommendations engine
- `create_kql_queries_html()`: KQL query display
- `create_resources_html()`: Resource links section
- `generate_markdown_report()`: Export functionality
- `update_display()`: Event handler for real-time updates
- Gradio Blocks interface with tabs and interactive components

**Features**:
- Bilingual EN/FR support
- Real-time scoring (0-100% per category)
- Interactive visualizations (radar + gauge)
- Smart recommendations (top 5 priority fixes)
- KQL queries for threat hunting
- Markdown report export
- 11 resource backlinks
- Creator attribution

### 2. requirements.txt
**Purpose**: Python dependencies specification  
**Size**: 54 bytes

**Contents**:
```
gradio==4.44.0
huggingface_hub==0.24.7
plotly==5.18.0
```

All versions are pinned for reproducibility.

### 3. README.md
**Purpose**: Project documentation and Space configuration  
**Size**: ~5.3 KB

**Sections**:
- YAML frontmatter (Hugging Face Spaces compatible)
- Feature overview
- 6 security categories with check details
- 11 resource links
- Usage instructions
- Creator attribution

**YAML Configuration**:
```yaml
title: M365 Security Scorecard
emoji: πŸ›‘οΈ
colorFrom: blue
colorTo: indigo
sdk: gradio
sdk_version: 4.44.0
python_version: "3.10"
app_file: app.py
```

## Security Assessment Content

### Categories (6)
1. **Identity & Access** (8 checks)
   - MFA, Conditional Access, Legacy Auth, Privileged Protection, Password Policy, Sign-in Risk, User Risk, Guest Access

2. **Data Protection** (8 checks)
   - DLP, Sensitivity Labels, Encryption at Rest/Transit, External Sharing, Classification, PAW, Monitoring

3. **Email Security** (10 checks)
   - Anti-Phishing, Anti-Spam, Safe Links, Safe Attachments, DMARC, SPF, DKIM, Encryption, Malware Detection, Tagging

4. **Application Security** (8 checks)
   - App Consent, OAuth Restrictions, API Permissions, Third-party Monitoring, Risky Detection, Credentials, Throttling, Hardening

5. **Monitoring & Audit** (10 checks)
   - Audit Log, Alerts, Sentinel, Advanced Audit, Activity, Admin Logging, Cloud Security, Anomaly Detection, Incident Response, Log Review

6. **Compliance** (10 checks)
   - Retention, eDiscovery, Communication Compliance, Records, Legal Hold, Information Barriers, GDPR, Insider Risk, Residency, Manager

**Total Checks**: 54

### KQL Hunting Queries (5)
1. Detect MFA Bypass Attempts
2. Detect Privilege Escalation via PIM
3. Detect Suspicious Mail Forwarding Rules
4. Detect Mass File Access or Download
5. Detect Risky OAuth App Consent

### Resources (11)
All links to ayinedjimi-consultants.fr articles:
1. Top 10 Tools for M365 Security Analysis
2. Zero Trust M365 Implementation
3. Threat Hunting with M365 Defender/Sentinel
4. Secure M365 Access with CA and MFA
5. Automate M365 Security Audit with PowerShell/Graph
6. Leveraging Microsoft Graph API
7. Advanced M365 Audit with Log Correlation
8. M365 Security Best Practices 2025
9. M365 Compliance: Integrated Tools
10. Detecting Compromised Identities
11. Microsoft 365 Audit Guide

## Technical Specifications

### Gradio 4.44.0 Compliance
- Uses `gr.Tab` (not deprecated `gr.TabItem`)
- No `scale=` parameters on components
- No `gr.update()` calls
- Clean f-string formatting (no backslashes)
- Proper event binding
- Compatible component structure

### Dependencies
- **gradio**: 4.44.0 - Web framework
- **huggingface_hub**: 0.24.7 - Integration support
- **plotly**: 5.18.0 - Interactive visualizations

### Code Quality
- Python 3 syntax verified
- No compilation errors
- Modular function design
- Clean architecture
- Proper import statements

## Deployment

### To Hugging Face Spaces
1. Create a new Space on huggingface.co
2. Push these 3 files to the repository
3. Hugging Face automatically deploys using Gradio

### Local Testing
```bash
cd /home/deeptechadmin/hf/spaces/m365-scorecard
pip install -r requirements.txt
python3 -m gradio app.py
```

## Features Summary

| Feature | Status | Details |
|---------|--------|---------|
| Bilingual Interface | βœ“ | EN/FR toggle |
| 6 Categories | βœ“ | 54 total checks |
| Real-time Scoring | βœ“ | 0-100% per category |
| Radar Chart | βœ“ | Plotly visualization |
| Gauge Chart | βœ“ | Overall maturity display |
| Recommendations | βœ“ | Top 5 priority fixes |
| KQL Queries | βœ“ | 5 threat hunting queries |
| Markdown Export | βœ“ | Full report generation |
| Resources | βœ“ | 11 backlinks included |
| Creator Attribution | βœ“ | AYI-NEDJIMI Consultants |

## Validation Status

All components verified:
- βœ“ Python syntax (no errors)
- βœ“ File structure correct
- βœ“ Dependencies specified
- βœ“ Documentation complete
- βœ“ All 54 checks included
- βœ“ 5 KQL queries added
- βœ“ 11 resources linked
- βœ“ Gradio 4.44.0 compatible
- βœ“ README frontmatter valid

## Scoring Algorithm

### Per Category
```
Score = (Checked Items / Total Items) Γ— 100%
```

### Overall Score
```
Overall = Average of all category scores
```

### Maturity Levels
- 0-25%: Critical
- 25-50%: Low
- 50-75%: Medium
- 75-100%: High

## Recommendations Logic
- Identifies unchecked items
- Prioritizes by category with most gaps
- Returns top 5 fixes
- Respects language selection

## File Locations
```
/home/deeptechadmin/hf/spaces/m365-scorecard/
β”œβ”€β”€ app.py (420 lines)
β”œβ”€β”€ requirements.txt (3 lines)
β”œβ”€β”€ README.md (with YAML)
└── INDEX.md (this file)
```

## Creator Information
[AYI-NEDJIMI Consultants](https://ayinedjimi-consultants.fr/bio.html)
Specializing in Microsoft 365 security, compliance, and threat hunting.

## License
Apache License 2.0

---
Last Updated: 2026-02-13
Status: READY FOR PRODUCTION