M365 - Microsoft 365 Security¶

View Microsoft 365 security posture KPIs and administrator information.

Commands¶

m365 kpis - View M365 threat severity KPIs
m365 admins - List M365 administrators

m365 kpis¶

Display Microsoft 365 threat KPIs with severity breakdown.

1	`mysecutec m365 kpis`

API¶

1	`POST /tam/v1/threats/aggregate`

{
  "group_by": [
    { "path": "severity", "alias": "severity" }
  ],
  "select": [
    { "path": "id", "alias": "count" }
  ],
  "filters": {
    "license_module": ["m365"]
  }
}

Request Example¶

1	`mysecutec m365 kpis`

POST /tam/v1/threats/aggregate
Authorization: Bearer <token>
Content-Type: application/json

{
  "group_by": [{"path": "severity", "alias": "severity"}],
  "select": [{"path": "id", "alias": "count"}],
  "filters": {"license_module": ["m365"]}
}

Response¶

{
  "results": [
    { "severity": "critical", "count": 2 },
    { "severity": "high", "count": 8 },
    { "severity": "medium", "count": 15 },
    { "severity": "low", "count": 25 },
    { "severity": "info", "count": 10 }
  ],
  "total": 5
}

m365 admins¶

List Microsoft 365 administrators.

1	`mysecutec m365 admins`

API¶

1	`GET /tam/v1/m365/administrators`

Request Example¶

1	`mysecutec m365 admins`

GET /tam/v1/m365/administrators
Authorization: Bearer <token>
Accept: application/json

Response¶

{
  "administrators": [
    "admin@example.com",
    "it-admin@example.com",
    "security@example.com"
  ]
}

Model: `M365AdminsResponse`¶

Field	Type	Description
`administrators`	[]string	List of administrator email addresses

M365 Source Data Model¶

When viewing individual M365 threats (via mysecutec threats get), the data field contains:

Model: `M365SourceData`¶

Field	Type	Description
`id`	string	Check ID
`tags`	[]string	Tags
`name`	string	Check name
`index`	int	Check index
`title`	string	Check title
`result`	string	Check result
`help_url`	string	Help URL
`severity`	string	Severity level
`result_detail`	M365ResultDetail	Detailed result

Model: `M365ResultDetail`¶

Field	Type	Description
`service`	string	M365 service name
`test_title`	string	Test title
`result`	string	Test result
`skipped`	bool	Whether test was skipped
`reason`	string	Skip reason
`description`	string	Description

M365 - Microsoft 365 Security¶

Commands¶

m365 kpis¶

API¶

Request Example¶

Response¶

m365 admins¶

API¶

Request Example¶

Response¶

Model: M365AdminsResponse¶

M365 Source Data Model¶

Model: M365SourceData¶

Model: M365ResultDetail¶

Model: `M365AdminsResponse`¶

Model: `M365SourceData`¶

Model: `M365ResultDetail`¶