Reading Results
Maintained by: Aether365 Team Audience: IT administrators and security analysts Scope: Reading and filtering scan results
When a scan completes, the results are available immediately in the dashboard. This page explains how to interpret your scan results.
Security Score
The top of the results page shows a security score - a percentage representing the proportion of applicable checks that passed.
Score = Passed / (Passed + Failed) x 100Skipped checks are excluded from the score calculation. A check is skipped when it is not applicable to your tenant (for example, a check requiring a specific license you do not have).
Scores are shown per scan type and, for compliance scans, per framework:
- Overall score across all checks
- Score per framework (CIS, EIDSCA, CISA SCuBA, NIS2)
- Score per service area (for exposure scans)
Pass / Fail / Skip Summary
Below the score, the results show three counts:
| Label | Meaning |
|---|---|
| Passed | Check evaluated and the control is correctly configured |
| Failed | Check evaluated and the control is not met |
| Skipped | Check not applicable to this tenant or configuration |
Filtering Results
Use the filter panel to narrow results:
- Status - Show only failed, only passed, or only skipped checks
- Severity - Filter by Critical, High, Medium, or Low
- Framework - Filter by compliance framework (compliance scans)
- Service - Filter by M365 service area (exposure scans)
- Search - Search by check ID or title
The most common view is filtering to Failed checks to focus remediation efforts.
Check Detail
Clicking on any individual check opens a detail panel showing:
- Check ID - The unique identifier (e.g.,
CIS.M365.1.1.1) - Title - A plain-language name for the check
- Result - Pass / Fail / Skip
- Severity - Critical / High / Medium / Low
- Framework - Which benchmark this check belongs to
- Description - What the check evaluates and why it matters
- Remediation steps - How to fix it
- Reference link - Official Microsoft or framework documentation
Comparing Scans Over Time
The dashboard shows your historical scans in a list. You can click any previous scan to see its results.
The scan detail page shows a delta indicator next to each check if the result changed from the previous scan of the same type:
- Green arrow up - Previously failed, now passed
- Red arrow down - Previously passed, now failed
- No indicator - Result unchanged
This makes it easy to track remediation progress and spot regressions.
CSV Export
You can export scan results as a CSV file for reporting or analysis:
- Open the scan results page.
- Click Export in the top-right corner.
- Select CSV.
The export includes all check IDs, titles, results, severities, and framework labels.
Remediation Guidance
For each failed check, remediation guidance includes:
- What is wrong - A clear explanation of the current misconfiguration
- Why it matters - The risk associated with leaving it unresolved
- How to fix it - Step-by-step instructions referencing the exact admin center or portal location
- Reference - Link to official Microsoft documentation
Remediations reference the standard Microsoft 365 admin center, Azure portal, or PowerShell commands where applicable.