Scans Overview

Maintained by: Aether365 Team
Audience: All users
Scope: Overview of scan types and how they work

Aether365 runs two types of security scans against your Microsoft 365 tenant: compliance scans and exposure scans. Both types use read-only access and can be triggered manually or on a schedule.

Scan Types

Compliance Scans

Compliance scans test your tenant against industry-standard security benchmarks. Each benchmark consists of individual controls or checks. The scan evaluates each control and returns Passed, Failed, or Skipped.

Supported frameworks:

  • CIS Microsoft 365 Foundations Benchmark v3.0
  • EIDSCA (Entra ID Security Config Analyzer)
  • CISA SCuBA M365 Security Baseline
  • NIS2

See Compliance Scans for details on each framework.

Exposure Scans

Exposure scans analyze your tenant's configuration for risky or permissive settings. Instead of mapping to a fixed benchmark, exposure checks evaluate whether specific configurations create security risk - for example, broad external sharing in SharePoint, or lack of MFA enforcement in Entra ID.

Results are assigned a severity: Critical, High, Medium, or Low.

See Exposure Scans for details.

When to Use Each Type

Goal | Scan Type
Meet a regulatory or compliance requirement (ISO 27001, NIS2, CISA) | Compliance
Identify risky configurations before an audit or breach | Exposure
Understand your overall security posture | Both
Respond to a specific incident or alert | Exposure

Running both types together gives the most complete picture of your tenant's security state.

Data Retention

Scan results are retained for a period after which they are permanently deleted. Results are stored in our EU data centre (Ireland, Sweden) and are isolated per tenant.

Scan Status

Each scan has one of the following statuses:

Status | Meaning
In Progress | Scan is running
Completed | Scan finished successfully, results available
Failed | Scan encountered an error (check the dashboard for details)

If a scan fails, check that your tenant is still connected and the consent has not been revoked. You can re-run the scan manually at any time.
