# M365 Security Scorecard - File Index

## Project Overview
A comprehensive Microsoft 365 security assessment tool built with Gradio 4.44.0, featuring bilingual interface, real-time scoring, and interactive visualizations.

## Files

### 1. app.py
**Purpose**: Main Gradio application  
**Size**: ~20 KB (420 lines)  
**Status**: SYNTAX VERIFIED - NO ERRORS

**Key Components**:
- `SECURITY_CHECKS` dict: 6 categories with 54 total security checks
- `KQL_HUNTING_QUERIES` list: 5 threat hunting queries for Microsoft Sentinel
- `calculate_scores()`: Real-time score calculation
- `create_radar_chart()`: Plotly radar visualization
- `create_gauge_chart()`: Plotly gauge visualization
- `create_recommendations_html()`: Smart recommendations engine
- `create_kql_queries_html()`: KQL query display
- `create_resources_html()`: Resource links section
- `generate_markdown_report()`: Export functionality
- `update_display()`: Event handler for real-time updates
- Gradio Blocks interface with tabs and interactive components

**Features**:
- Bilingual EN/FR support
- Real-time scoring (0-100% per category)
- Interactive visualizations (radar + gauge)
- Smart recommendations (top 5 priority fixes)
- KQL queries for threat hunting
- Markdown report export
- 11 resource backlinks
- Creator attribution

### 2. requirements.txt
**Purpose**: Python dependencies specification  
**Size**: 54 bytes

**Contents**:
```
gradio==4.44.0
huggingface_hub==0.24.7
plotly==5.18.0
```

All versions are pinned for reproducibility.

### 3. README.md
**Purpose**: Project documentation and Space configuration  
**Size**: ~5.3 KB

**Sections**:
- YAML frontmatter (Hugging Face Spaces compatible)
- Feature overview
- 6 security categories with check details
- 11 resource links
- Usage instructions
- Creator attribution

**YAML Configuration**:
```yaml
title: M365 Security Scorecard
emoji: 🛡️
colorFrom: blue
colorTo: indigo
sdk: gradio
sdk_version: 4.44.0
python_version: "3.10"
app_file: app.py
```

## Security Assessment Content

### Categories (6)
1. **Identity & Access** (8 checks)
   - MFA, Conditional Access, Legacy Auth, Privileged Protection, Password Policy, Sign-in Risk, User Risk, Guest Access

2. **Data Protection** (8 checks)
   - DLP, Sensitivity Labels, Encryption at Rest/Transit, External Sharing, Classification, PAW, Monitoring

3. **Email Security** (10 checks)
   - Anti-Phishing, Anti-Spam, Safe Links, Safe Attachments, DMARC, SPF, DKIM, Encryption, Malware Detection, Tagging

4. **Application Security** (8 checks)
   - App Consent, OAuth Restrictions, API Permissions, Third-party Monitoring, Risky Detection, Credentials, Throttling, Hardening

5. **Monitoring & Audit** (10 checks)
   - Audit Log, Alerts, Sentinel, Advanced Audit, Activity, Admin Logging, Cloud Security, Anomaly Detection, Incident Response, Log Review

6. **Compliance** (10 checks)
   - Retention, eDiscovery, Communication Compliance, Records, Legal Hold, Information Barriers, GDPR, Insider Risk, Residency, Manager

**Total Checks**: 54

### KQL Hunting Queries (5)
1. Detect MFA Bypass Attempts
2. Detect Privilege Escalation via PIM
3. Detect Suspicious Mail Forwarding Rules
4. Detect Mass File Access or Download
5. Detect Risky OAuth App Consent

### Resources (11)
All links to ayinedjimi-consultants.fr articles:
1. Top 10 Tools for M365 Security Analysis
2. Zero Trust M365 Implementation
3. Threat Hunting with M365 Defender/Sentinel
4. Secure M365 Access with CA and MFA
5. Automate M365 Security Audit with PowerShell/Graph
6. Leveraging Microsoft Graph API
7. Advanced M365 Audit with Log Correlation
8. M365 Security Best Practices 2025
9. M365 Compliance: Integrated Tools
10. Detecting Compromised Identities
11. Microsoft 365 Audit Guide

## Technical Specifications

### Gradio 4.44.0 Compliance
- Uses `gr.Tab` (not deprecated `gr.TabItem`)
- No `scale=` parameters on components
- No `gr.update()` calls
- Clean f-string formatting (no backslashes)
- Proper event binding
- Compatible component structure

### Dependencies
- **gradio**: 4.44.0 - Web framework
- **huggingface_hub**: 0.24.7 - Integration support
- **plotly**: 5.18.0 - Interactive visualizations

### Code Quality
- Python 3 syntax verified
- No compilation errors
- Modular function design
- Clean architecture
- Proper import statements

## Deployment

### To Hugging Face Spaces
1. Create a new Space on huggingface.co
2. Push these 3 files to the repository
3. Hugging Face automatically deploys using Gradio

### Local Testing
```bash
cd /home/deeptechadmin/hf/spaces/m365-scorecard
pip install -r requirements.txt
python3 -m gradio app.py
```

## Features Summary

| Feature | Status | Details |
|---------|--------|---------|
| Bilingual Interface | ✓ | EN/FR toggle |
| 6 Categories | ✓ | 54 total checks |
| Real-time Scoring | ✓ | 0-100% per category |
| Radar Chart | ✓ | Plotly visualization |
| Gauge Chart | ✓ | Overall maturity display |
| Recommendations | ✓ | Top 5 priority fixes |
| KQL Queries | ✓ | 5 threat hunting queries |
| Markdown Export | ✓ | Full report generation |
| Resources | ✓ | 11 backlinks included |
| Creator Attribution | ✓ | AYI-NEDJIMI Consultants |

## Validation Status

All components verified:
- ✓ Python syntax (no errors)
- ✓ File structure correct
- ✓ Dependencies specified
- ✓ Documentation complete
- ✓ All 54 checks included
- ✓ 5 KQL queries added
- ✓ 11 resources linked
- ✓ Gradio 4.44.0 compatible
- ✓ README frontmatter valid

## Scoring Algorithm

### Per Category
```
Score = (Checked Items / Total Items) × 100%
```

### Overall Score
```
Overall = Average of all category scores
```

### Maturity Levels
- 0-25%: Critical
- 25-50%: Low
- 50-75%: Medium
- 75-100%: High

## Recommendations Logic
- Identifies unchecked items
- Prioritizes by category with most gaps
- Returns top 5 fixes
- Respects language selection

## File Locations
```
/home/deeptechadmin/hf/spaces/m365-scorecard/
├── app.py (420 lines)
├── requirements.txt (3 lines)
├── README.md (with YAML)
└── INDEX.md (this file)
```

## Creator Information
[AYI-NEDJIMI Consultants](https://ayinedjimi-consultants.fr/bio.html)
Specializing in Microsoft 365 security, compliance, and threat hunting.

## License
Apache License 2.0

---
Last Updated: 2026-02-13
Status: READY FOR PRODUCTION