M365 Security Scorecard - Deployment Guide

Project Structure

/home/deeptechadmin/hf/spaces/m365-scorecard/
├── app.py                # Main Gradio application
├── requirements.txt      # Python dependencies
├── README.md             # Project documentation with YAML frontmatter
└── DEPLOYMENT.md         # This file

Files Created

1. app.py (20 KB)

The main Gradio application with:

  • Bilingual EN/FR interface
  • 6 security categories with 48-54 total security checks
  • Real-time scoring system
  • Interactive Plotly visualizations:
    • Radar chart for category scores
    • Gauge chart for overall maturity
  • Smart recommendations engine
  • 5 KQL hunting queries for threat hunting
  • Markdown report export functionality
  • Resources section with 11 deep backlinks to M365 security guides

Key Features:

  • 100% compatible with Gradio 4.44.0
  • No scale= parameters on components
  • Uses gr.Tab (not TabItem)
  • No backslashes in f-strings
  • No gr.update() calls
  • Clean, maintainable code structure

2. requirements.txt (54 bytes)

Contains exactly:

gradio==4.44.0
huggingface_hub==0.24.7
plotly==5.18.0

3. README.md (5.3 KB)

Comprehensive documentation with:

  • YAML frontmatter for Hugging Face Spaces
  • Feature overview
  • Complete list of 6 security categories with 48-54 checks
  • 11 deep backlinks to AYI-NEDJIMI Consultants resources
  • Usage instructions
  • Creator attribution

Security Categories & Checks

Identity & Access (8 checks)

MFA, Conditional Access, Legacy Auth, Privileged Accounts, Password Policy, Sign-in Risk, User Risk, Guest Access

Data Protection (8 checks)

DLP, Sensitivity Labels, Encryption at Rest, Encryption in Transit, External Sharing, Data Classification, PAW, DLP Monitoring

Email Security (10 checks)

Anti-Phishing, Anti-Spam, Safe Links, Safe Attachments, DMARC, SPF, DKIM, Mail Encryption, Malware Detection, External Email Tagging

Application Security (8 checks)

App Consent, OAuth Restrictions, API Permissions, Third-party Monitoring, Risky App Detection, Credential Protection, API Throttling, Connector Hardening

Monitoring & Audit (10 checks)

Audit Log, Alert Policies, Sentinel, Advanced Audit, User Activity, Admin Logging, Cloud App Security, Anomaly Detection, Incident Response, Log Review

Compliance (10 checks)

Retention Policies, eDiscovery, Communication Compliance, Records Management, Legal Hold, Information Barriers, GDPR Controls, Insider Risk, Data Residency, Compliance Manager

KQL Hunting Queries Included

  1. Detect MFA Bypass Attempts - Identify failed MFA attempts and patterns
  2. Detect Privilege Escalation via PIM - Monitor PIM membership changes
  3. Detect Suspicious Mail Forwarding Rules - Find potentially malicious forwarding
  4. Detect Mass File Access or Download - Identify data exfiltration patterns
  5. Detect Risky OAuth App Consent - Monitor OAuth consent events

Resources Backlinks

All 11 M365 security guides from AYI-NEDJIMI Consultants are integrated:

  1. Top 10 Tools for M365 Security Analysis
  2. Zero Trust M365 Implementation
  3. Threat Hunting with M365 Defender/Sentinel
  4. Secure M365 Access with CA and MFA
  5. Automate M365 Security Audit with PowerShell/Graph
  6. Leveraging Microsoft Graph API
  7. Advanced M365 Audit with Log Correlation
  8. M365 Security Best Practices 2025
  9. M365 Compliance: Integrated Tools
  10. Detecting Compromised Identities
  11. Microsoft 365 Audit Guide

Syntax Verification

All files have been verified:

  • Python 3 compilation: PASSED
  • No syntax errors in app.py: CONFIRMED

Deployment to Hugging Face Spaces

  1. Push to your Hugging Face repo:

    git add app.py requirements.txt README.md
    git commit -m "Add M365 Security Scorecard"
    git push
    
  2. The Space will automatically:

    • Install dependencies from requirements.txt
    • Launch app.py via Gradio
    • Display README.md as space description

Local Testing

To test locally:

cd /home/deeptechadmin/hf/spaces/m365-scorecard
pip install -r requirements.txt
python3 -m gradio app.py

Features Summary

  • Bilingual UI: English/French toggle
  • Interactive Assessment: 48-54 checkbox items across 6 categories
  • Real-Time Scoring: Instant calculation and visualization
  • Smart Recommendations: Top 5 priority fixes based on gaps
  • Threat Hunting: 5 ready-to-use KQL queries
  • Export: Download complete security assessment as Markdown
  • Resources: 11 curated backlinks to M365 security guides
  • Mobile Friendly: Responsive Gradio interface
  • Creator Attribution: AYI-NEDJIMI Consultants branding

Notes

  • All dependencies are pinned to specific versions for reproducibility
  • The app uses Plotly for interactive visualizations
  • Language switching updates all labels and recommendations in real-time
  • Recommendations are sorted by priority (number of unchecked items per category)
  • Export reports include timestamp and language selection
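
The scoring and recommendation ordering described in this guide, as an added example (not the Space's own app.py). Category names and check counts are taken from the list above; the percentage formula, the function names and the sample input are assumptions made for illustration.

```python
# Added example, not the project's code. Check counts per category come from
# this guide; the scoring formula below is an assumption.
CATEGORY_CHECKS = {
    "Identity & Access": 8,
    "Data Protection": 8,
    "Email Security": 10,
    "Application Security": 8,
    "Monitoring & Audit": 10,
    "Compliance": 10,
}


def score(checked):
    """Return (per-category %, overall %) from {category: boxes ticked}."""
    unknown = set(checked) - set(CATEGORY_CHECKS)
    if unknown:
        raise ValueError(f"unknown categories: {sorted(unknown)}")
    per_category = {}
    for name, total in CATEGORY_CHECKS.items():
        done = checked.get(name, 0)
        if not 0 <= done <= total:
            raise ValueError(f"{name}: {done} ticked, only {total} checks exist")
        per_category[name] = round(100 * done / total, 1)
    # Overall score is weighted by check count, so it differs from the plain
    # average of the category percentages when categories differ in size.
    overall = round(100 * sum(checked.get(n, 0) for n in CATEGORY_CHECKS)
                    / sum(CATEGORY_CHECKS.values()), 1)
    return per_category, overall


def recommendations(checked, top=5):
    """Categories with gaps, most unchecked items first; ties keep guide order."""
    gaps = [(name, total - checked.get(name, 0))
            for name, total in CATEGORY_CHECKS.items()
            if total > checked.get(name, 0)]
    return sorted(gaps, key=lambda g: g[1], reverse=True)[:top]


# Constructed sample assessment: number of boxes ticked per category.
SAMPLE = {"Identity & Access": 6, "Data Protection": 3, "Email Security": 9,
          "Application Security": 8, "Monitoring & Audit": 4, "Compliance": 5}

if __name__ == "__main__":
    per_category, overall = score(SAMPLE)
    print(per_category, overall)
    print(recommendations(SAMPLE))
```

Ranking by raw unchecked count favours the 10-check categories: in the sample, Compliance (50% complete) ties with Data Protection (37.5% complete) at five open items each.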