At least one Conditional Access policy is configured with All Cloud Apps and All Users
Why This Matters
Without a Conditional Access policy covering all cloud apps and all users, your tenant lacks a baseline security control that can block authentication attempts or require additional verification. Attackers may exploit gaps in policy coverage, gaining access to unprotected applications. This check ensures your environment has a universal safety net for identity-driven threats.
What Aether365 Checks
Aether365 scans your tenant for the presence of at least one Conditional Access policy configured with "All cloud apps" as the target and "All users" as the assigned scope. This check appears in the Aether365 dashboard under the microsoft-365 service category and flags a medium-severity finding if no such policy exists.