The “Security dashboard” presents a set of security-related data that allow you to monitor and understand the overall security posture of your tenant environment, benchmarking it against
- the “CIS M365 Foundations 6.0.0" baseline
- and CoreView's Out-of-the-Box Security & Identity policies.
Please note:
- The “Security dashboard” is accessible exclusively to Tenant Admins.
- If you have kept the default homepage in your settings, each time you log in you will be taken to the Security Dashboard. Learn how to customize your homepage in the “Default homepage” article.
The “Security dashboard” includes the following widgets:
- Security posture: shows the tenant security score and overall compliance.
- Compliance trends over time: shows compliance trends for the last 7-90 days.
- Tenant configuration alignment: shows alignment with tenant configuration settings managed in Configuration Manager.
- Resource compliance: shows compliance with Out-of-the-Box Security & Identity policies
- Recommended actions: lists non-compliant items, summarizes remediation steps, and provides a direct link to take corrective action.
Security posture
Within the “Security posture” widget, “Security score” shows a single percentage that summarizes how well the tenant aligns with the CIS M365 Foundations 6.0.0 baseline and how consistently security policies are enforced across resources.
The score is calculated as the average of the following two metrics:
- Tenant configuration alignment: shows how closely tenant configurations match the “CIS M365 Foundations 6.0.0”
- Resource compliance: shows how effectively resources comply with enabled CoreView security policies.
Calculation example:
If Tenant Configuration Alignment is 60% and Resource Compliance is 80%, your Security Score is (60 + 80) / 2 = 70%.
Compliance trends over time
The “Compliance trends over time” widget shows trend data for “Security score”, “Tenant configuration alignment”, and “Resources” over the last 7/30/60/90 days. You can select the time frame from the dropdown in the top-right corner.
Hover over a chart to see the score for a specific day. Below each chart, a red (negative), green (positive), or grey (neutral) indicator shows whether today’s compliance score has improved, worsened, or remained unchanged compared to the baseline for the selected period.
Tenant configuration alignment
The “Tenant configuration alignment” widget displays how your configurations are distributed across four categories.
In order to create the first snapshot and populate the widget you need to run a BackUp Only in Configuration Manager.
In the pie chart on the left, you'll see the configuration distribution as:
- Aligned: fully matching CIS baseline values.
- Accepted deviation: intentional deviations, formally approved in the conflicting column in Reconcile. Accepted deviations are also shown in the “Tenant configuration alignment report”.
- Unaccepted deviation: conflicting items that are neither aligned nor accepted.
- Recommended from baseline: configurations recommended by CIS that are present in the baseline but not yet implemented in your tenant.
On the right side of the widget, a breakdown of configuration status by workload, such as Entra ID, Exchange Online or SharePoint allows you to identify which specific workloads have the most non-compliant configurations.
For example, seeing a large red section in the Teams column immediately highlights that the majority of configuration problems are concentrated in that workload.
Score calculation
Each baseline configuration is weighted equally in the compliance calculation:
(Total Aligned + Accepted Deviation - Dependencies) / (Total Baseline Configurations - Dependencies) × 100The evaluation of configurations is based on alignment to standards:
- Aligned or Accepted deviations configurations increase the score.
- Unaccepted deviation or Recommended configurations decrease the score.
Each configuration is weighted equally (1:1), so the score increases or decreases by the same percentage for each compliant/non-compliant configuration.
All configurations that are dependencies of other configurations do not contribute to the “Security score” calculation, precisely because they rely on another configuration. Therefore, when reconciling a configuration that has dependencies, aligning the primary configuration will also automatically align its dependent configurations.
Update frequency
This value is updated with each Sync (or backup): either
- in real time when syncing occurs within the same day,
- according to the daily schedule,
- or manually if the scheduled Sync is disabled.
Access the “Tenant Configuration Alignment Report”
Clicking the “Go to summary” button brings you to the “Tenant configuration alignment report”, where you’ll find the complete list of configurations with granular filtering by status and category.
Resource compliance
The “Resource compliance” widget illustrates how your resources (users, groups, Entra apps, SharePoint sites, etc.) comply with the security policies configured in CoreView. Only Out-of-the-Box policies included in the Security and Identity Playbook are taken into account.
A pie chart provides an overview of compliance, illustrating how many policies are compliant, and how many are non-compliant (critical or warning), using a color-coded system.
Statuses include:
- Compliant: shown as green, means that all enabled policies are respected.
- Critical violation: shown as red, indicate that one or more critical policies are not compliant.
- Warning violation: shown as yellow, indicate that warning-level policies are not compliant.
On the right, a category bar chart details compliance for each resource area, clustering policies by security playbook category. You can see the number of policies per category, broken down by severity and compliance status.
Score calculation
The maximum score is the sum of all policies. The compliance rate is calculated as follows: all enabled security policies with critical or warning severity are considered.
Each enabled policy is weighted:
- Critical: 50 points
- Warning: 10 points
- Informational: 0 points
This means that if a policy is compliant with its threshold, it receives 50 points (for critical) or 10 points (for warning); if it is not compliant, it receives 0 points.
Final Score / Maximum Possible Score × 100Update frequency
Data refreshes
- Daily at 12:00 UTC
- And after each full import.
Access the “Security and Identity” Playbook
Clicking “Go to summary” takes you to the “Security and Identity” Playbook tab in the Governance Center (list view).
Recommended actions
The “Recommended actions” widget shows a scrollable list of next steps to improve compliance. Items are split into two tabs:
- Configurations: tenant configurations flagged as “Recommended from baseline” or “Unaccepted deviations”.
- Resources: non-compliant security policies, limited to items with Critical or Warning severity.
Dependencies are not listed, as they do not directly affect the Score Impact. When the primary configuration is updated, any dependent configurations are updated automatically to stay aligned.
Within each tab, items are ordered alphabetically.
Table columns
- Name: the affected policy or configuration.
- Category: Azure, Defender, Entra ID, etc.
- Score impact: the estimated percentage increase in Security Score if the item is remediated.
-
Status: always shown as “Not compliant” with a warning icon, with additional context:
- For configurations: “Unaccepted Deviation” or “Recommended from baseline”;
- For policies: threshold violations.
-
Remediation: the recommended corrective action:
- For configurations: “Align to baseline”;
- For policies: the Remediation name, including the workflow name or “Send report” action.
- Action: the button that opens the relevant remediation flow.
Available actions
-
Compare to baseline: opens the “Reconcile” page, pre-filtered to compare the tenant against the CIS baseline. To proceed, select “Apply” and follow the Reconcile actions. Here, you can:
- Align configuration with the baseline.
- Accept a deviation
- View policy: takes you to the policy edit page to update the policy based on the recommendation.
Every change made via these actions updates both the widget’s scoring and the item’s status badges.
Empty widgets
Sometimes, you might notice that certain widgets or charts in your CoreView dashboard appear empty or show placeholder graphics. This usually means CoreView isn’t receiving the information it needs from your Microsoft 365 environment.
Below are two typical scenarios that may cause missing data in your dashboard:
- No tenant configuration data available
- No resource data available
No tenant configuration data available
If you’ve purchased Configuration Manager but haven’t set it up yet, CoreView won’t receive any configuration data from your tenant.
As a result,
- The pie chart will just show a placeholder
- The dashboard widget will appear without the bar chart
- You’ll see the following message: “No configuration data available. Please set up your data in Configuration Manager to access alignment and compliance information.”
If you click on “Configure tenant”, you’ll be redirected to the “Organization Settings” page, specifically to the Consent management section. Follow the procedure in the “Integrate Configuration Manager in CoreView” to complete the configuration.
After completing the setup, run either a Back Up Only. Once this is done, the widget will display your data correctly.
No resource data available
In a rare case, if you have disabled all the Security Playbook policies (although by default they are enabled), CoreView will not receive any policy data because no policies are active. As a result,
- The pie chart will just show a placeholder.
- The dashboard widget will appear without the bar chart
- You will see the following message: “No resource data available. Please enable your security policy to access compliance information.”
Clicking “Enable Policy” will take you to the Playbooks section in Settings, where you’ll need to manually enable each policy one by one.