$199 Flat Fee · Automated · Read-Only Access

Introducing Threshold365Find out what's actually exposed in your Microsoft 365 tenant. Before someone else does.

Threshold365 is a fast, automated security assessment of your Microsoft 365 identity setup — Conditional Access, MFA coverage, legacy authentication, and admin role assignments. You grant read-only access through Microsoft's own consent screen, the scan runs in minutes, and you get a plain-language report with real findings and what to do about them. One flat fee, no ongoing commitment.

Conditional Access

Finds disabled, report-only, or missing policies that leave sign-ins unprotected.

MFA Coverage

Flags accounts with weak or no multi-factor authentication registered.

Legacy Authentication

Detects old protocols like IMAP and SMTP AUTH that bypass MFA entirely.

Admin Roles

Checks for over-provisioned Global Admin access and standing privilege.

Why This Costs $199, Not $1,500

A full hands-on Microsoft 365 security review typically runs $1,500 or more. Threshold365 automates the identity and authentication layer — the part responsible for most real-world account compromises — so you get real, specific findings at a fraction of the cost.

4
Automated checks run against your real tenant configuration
Read-Only
No write access requested — nothing can be changed by the scan
Encrypted
Reports are encrypted at rest and automatically deleted after 90 days
$199
Flat fee, one time — no subscription, no upsell required to see results
You Stay in Control Access is granted through Microsoft's own consent screen and can be revoked by your admin at any time.
Built on Real Audit Experience The checks reflect what an actual manual identity security review looks for — not a generic scanner template.
Plain-Language Findings Every finding explains why it matters and what to do about it — readable by a non-technical owner.
No Hidden Fees $199 is the full price. If you want deeper help acting on findings, that's a separate conversation — never a surprise charge.

What the Assessment Checks

Four checks that mirror what a manual identity security review looks for — run automatically against your real tenant configuration, with plain-language findings and a severity rating on each.

Conditional Access Policies

Reviews every Conditional Access policy in your tenant and flags the ones that look like protection but aren't.

  • Disabled policies providing no active protection
  • Report-only policies never switched to enforced
  • Coverage gaps across your policy set

MFA Coverage

Checks which accounts have multi-factor authentication registered, and whether it's a strong method.

  • Accounts with no MFA registered at all
  • Weak methods (SMS/voice) vs. strong (Authenticator, FIDO2)
  • Coverage gaps across your user base

Legacy Authentication

Scans recent sign-in activity for old protocols that bypass Conditional Access and MFA entirely.

  • IMAP, POP3, SMTP AUTH, and legacy Exchange clients
  • A common target for password-spray attacks
  • Flags ambiguous activity worth a manual look

Admin Role Assignments

Reviews who holds privileged roles — especially Global Administrator — and flags over-provisioning.

  • Global Admin count against Microsoft's recommended max
  • Standing vs. time-bound privileged access
  • Non-human (service principal) accounts with admin roles
Request Your Assessment — $199

How It Works

No installation, no shared passwords, no lengthy onboarding. From request to report is usually a matter of minutes once access is granted.

Request Access

You (or your Global Administrator) approve a Microsoft consent screen that lists the exact read-only permissions being requested — nothing more.

Automated Scan Runs

Threshold365 queries your tenant directly through Microsoft's own Graph API — Conditional Access, MFA, sign-in logs, and admin roles.

Get Your Report

A plain-language report with every finding rated by severity, why it matters, and a specific recommended action — encrypted and sent to you.

Optional Follow-Up

Keep the report and act on it yourself, or reach out to talk through findings and what remediation would actually involve — no pressure either way.

Security & Privacy

A tool that reviews your security shouldn't be a security risk itself. Here's exactly what happens to your data, in plain terms.

This is a solo-operated practice — not a black box. Ask questions about how your data is handled; you'll get a straight, specific answer.

Who's Behind It

Threshold365 isn't a generic scanner — it's built directly from hands-on Microsoft identity security work.

Ryan Lopez-Dunn, Founder of Threshold365

Ryan Lopez-Dunn is a security engineer with production experience across the Microsoft identity stack — Conditional Access architecture, phishing-resistant MFA rollouts, and Privileged Identity Management governance. Threshold365 encodes the same checks used in real, hands-on identity security reviews, automated so any organization can run one.

CompTIA Security+ CompTIA A+ SC-300 (In Progress) Conditional Access & PIM Phishing-Resistant MFA

Common Risks This Assessment Catches

Most organizations don't discover these gaps until an account is compromised. This assessment finds them first.

Admin accounts without phishing-resistant MFA — the single highest-risk configuration in any Microsoft 365 tenant
Legacy authentication protocols still enabled — bypasses all Conditional Access controls entirely
Overly permissive Conditional Access policies — gaps attackers probe for and exploit systematically
No Privileged Identity Management — standing admin access that should be just-in-time
Shared accounts and unreviewed service principals — orphaned access with no owner and no expiry
No risky sign-in monitoring or honeytoken alerting — active attacks occurring with no detection

Frequently Asked Questions

How much does this cost?

$199, flat fee, one time — no subscription, no credit card on file, and no automatic enrollment into anything else. That covers the full assessment and report. If you'd ever want help acting on findings, that's a separate conversation you can choose to have.

What access do I have to grant, exactly?

Read-only access to four things: Conditional Access policies, MFA registration status, sign-in logs (for legacy authentication detection only), and admin role assignments. You approve this through Microsoft's own consent screen, which lists every permission before you accept — nothing is hidden or bundled in.

Is my data safe?

Threshold365 never requests write access, never sees mailbox or file content, and never touches your login credentials. Reports are encrypted at rest, automatically deleted after 90 days, and every access is logged. A full data handling policy is available on request.

How long does it take?

Once access is granted, the scan itself typically completes in minutes. Some data (like MFA registration detail) can take longer to populate depending on your tenant's licensing and recent activity — the report will note this where relevant.

What size organizations is this built for?

Any organization running Microsoft 365 — from small businesses through mid-market. It's especially useful for organizations that have never had a dedicated review of their identity and authentication configuration.

Do you guarantee my organization won't be hacked?

No. This assessment is designed to surface real, specific gaps and reduce risk — not to provide absolute guarantees. Anyone who promises otherwise isn't being honest with you.

Request Your Assessment

A short call to confirm your environment and walk through granting read-only access — then the assessment runs and you get your report. Flat $199 fee. Questions about access or data handling are welcome before you schedule anything.

Microsoft 365 Security Assessment — $199

Bring any questions about how access works or what's checked. We'll get you set up, and you'll have a real report on your Conditional Access, MFA coverage, legacy authentication, and admin roles.

Prefer a full page scheduler? Open Calendly in a new tab.

Email: contact@ldidentitysecurity.com

Remote · Assessments available nationwide · Based in Indiana