M365 Security Scorecard - File Index
Project Overview
A comprehensive Microsoft 365 security assessment tool built with Gradio 4.44.0, featuring bilingual interface, real-time scoring, and interactive visualizations.
Files
1. app.py
Purpose: Main Gradio application
Size: ~20 KB (420 lines)
Status: SYNTAX VERIFIED - NO ERRORS
Key Components:
- SECURITY_CHECKS dict: 6 categories with 54 total security checks
- KQL_HUNTING_QUERIES list: 5 threat hunting queries for Microsoft Sentinel
- calculate_scores(): Real-time score calculation
- create_radar_chart(): Plotly radar visualization
- create_gauge_chart(): Plotly gauge visualization
- create_recommendations_html(): Smart recommendations engine
- create_kql_queries_html(): KQL query display
- create_resources_html(): Resource links section
- generate_markdown_report(): Export functionality
- update_display(): Event handler for real-time updates
- Gradio Blocks interface with tabs and interactive components
Features:
- Bilingual EN/FR support
- Real-time scoring (0-100% per category)
- Interactive visualizations (radar + gauge)
- Smart recommendations (top 5 priority fixes)
- KQL queries for threat hunting
- Markdown report export
- 11 resource backlinks
- Creator attribution
2. requirements.txt
Purpose: Python dependencies specification
Size: 54 bytes
Contents:
gradio==4.44.0
huggingface_hub==0.24.7
plotly==5.18.0
All versions are pinned for reproducibility.
3. README.md
Purpose: Project documentation and Space configuration
Size: ~5.3 KB
Sections:
- YAML frontmatter (Hugging Face Spaces compatible)
- Feature overview
- 6 security categories with check details
- 11 resource links
- Usage instructions
- Creator attribution
YAML Configuration:
title: M365 Security Scorecard
emoji: 🛡️
colorFrom: blue
colorTo: indigo
sdk: gradio
sdk_version: 4.44.0
python_version: "3.10"
app_file: app.py
Security Assessment Content
Categories (6)
Identity & Access (8 checks)
- MFA, Conditional Access, Legacy Auth, Privileged Protection, Password Policy, Sign-in Risk, User Risk, Guest Access
Data Protection (8 checks)
- DLP, Sensitivity Labels, Encryption at Rest/Transit, External Sharing, Classification, PAW, Monitoring
Email Security (10 checks)
- Anti-Phishing, Anti-Spam, Safe Links, Safe Attachments, DMARC, SPF, DKIM, Encryption, Malware Detection, Tagging
Application Security (8 checks)
- App Consent, OAuth Restrictions, API Permissions, Third-party Monitoring, Risky Detection, Credentials, Throttling, Hardening
Monitoring & Audit (10 checks)
- Audit Log, Alerts, Sentinel, Advanced Audit, Activity, Admin Logging, Cloud Security, Anomaly Detection, Incident Response, Log Review
Compliance (10 checks)
- Retention, eDiscovery, Communication Compliance, Records, Legal Hold, Information Barriers, GDPR, Insider Risk, Residency, Manager
Total Checks: 54
KQL Hunting Queries (5)
- Detect MFA Bypass Attempts
- Detect Privilege Escalation via PIM
- Detect Suspicious Mail Forwarding Rules
- Detect Mass File Access or Download
- Detect Risky OAuth App Consent
Resources (11)
All links to ayinedjimi-consultants.fr articles:
- Top 10 Tools for M365 Security Analysis
- Zero Trust M365 Implementation
- Threat Hunting with M365 Defender/Sentinel
- Secure M365 Access with CA and MFA
- Automate M365 Security Audit with PowerShell/Graph
- Leveraging Microsoft Graph API
- Advanced M365 Audit with Log Correlation
- M365 Security Best Practices 2025
- M365 Compliance: Integrated Tools
- Detecting Compromised Identities
- Microsoft 365 Audit Guide
Technical Specifications
Gradio 4.44.0 Compliance
- Uses gr.Tab (not deprecated gr.TabItem)
- No scale= parameters on components
- No gr.update() calls
- Clean f-string formatting (no backslashes)
- Proper event binding
- Compatible component structure
Dependencies
- gradio: 4.44.0 - Web framework
- huggingface_hub: 0.24.7 - Integration support
- plotly: 5.18.0 - Interactive visualizations
Code Quality
- Python 3 syntax verified
- No compilation errors
- Modular function design
- Clean architecture
- Proper import statements
Deployment
To Hugging Face Spaces
- Create a new Space on huggingface.co
- Push these 3 files to the repository
- Hugging Face automatically deploys using Gradio
Local Testing
cd /home/deeptechadmin/hf/spaces/m365-scorecard
pip install -r requirements.txt
python3 -m gradio app.py
Features Summary
| Feature | Status | Details |
|---|---|---|
| Bilingual Interface | ✅ | EN/FR toggle |
| 6 Categories | ✅ | 54 total checks |
| Real-time Scoring | ✅ | 0-100% per category |
| Radar Chart | ✅ | Plotly visualization |
| Gauge Chart | ✅ | Overall maturity display |
| Recommendations | ✅ | Top 5 priority fixes |
| KQL Queries | ✅ | 5 threat hunting queries |
| Markdown Export | ✅ | Full report generation |
| Resources | ✅ | 11 backlinks included |
| Creator Attribution | ✅ | AYI-NEDJIMI Consultants |
Validation Status
All components verified:
- ✅ Python syntax (no errors)
- ✅ File structure correct
- ✅ Dependencies specified
- ✅ Documentation complete
- ✅ All 54 checks included
- ✅ 5 KQL queries added
- ✅ 11 resources linked
- ✅ Gradio 4.44.0 compatible
- ✅ README frontmatter valid
Scoring Algorithm
Per Category
Score = (Checked Items / Total Items) × 100%
Overall Score
Overall = Average of all category scores
Maturity Levels
- 0-25%: Critical
- 25-50%: Low
- 50-75%: Medium
- 75-100%: High
Recommendations Logic
- Identifies unchecked items
- Prioritizes by category with most gaps
- Returns top 5 fixes
- Respects language selection
File Locations
/home/deeptechadmin/hf/spaces/m365-scorecard/
├── app.py (420 lines)
├── requirements.txt (3 lines)
├── README.md (with YAML)
└── INDEX.md (this file)
Creator Information
AYI-NEDJIMI Consultants
Specializing in Microsoft 365 security, compliance, and threat hunting.
License
Apache License 2.0
Last Updated: 2026-02-13
Status: READY FOR PRODUCTION