The biggest risks are the ones you don't know about. Siemserva works continuously to find them, plus many other issues, helps you fix them, and gives auditors what they need on the first pass.
Senserva's Security Context Graph, Analysis and Recommendations, combined with Senserva's Trustworthy AI, provide continuous security assurance and remediation for Microsoft 365, Intune, and Entra ID.
Important
Walk through the official Quick Start guide at senserva.com/quickstart for the full setup, configuration, and first-scan walkthrough, or to use our advanced simulation as an easy start.
We built the advanced simulation so you can fully evaluate Siemserva without touching a live tenant. Standing up Graph API permissions, getting change-management approval, or just figuring out what "bad" looks like in your own data can take days. The simulation gives you a known, realistic environment from minute one. Same data every run, so training, demos, and screenshots stay reproducible, and you can see exactly what Siemserva should find before you ever point it at production.
The advanced simulation gives you a realistic Microsoft 365 and Entra ID tenant to explore, with planted scenarios you can hunt for, including:
- 1,000+ users, 180 groups, 1,100 devices, 100 apps, and 300 service principals
- A Global Admin without MFA and a stale Global Admin still active
- A jailbroken iPhone registered to a privileged user
- A Storm-0558 style token-theft scenario
- A helpdesk compromise path through tiered admin roles
- Risky Conditional Access gaps, suspicious sign-in signals, and over-permissioned apps
Same data, every run. Perfect for training, demos, and getting comfortable with the dashboard, reports, and Claude MCP before you scan a live tenant.
Or just point Siemserva at a test or live tenant. Siemserva is read-only against your Microsoft 365 and Entra ID environment. We surface findings and generate the remediation steps for you, but you stay in control. Nothing changes in your tenant unless you run the remediation yourself.
Important
Senserva recommends:
- Run a scan against a test tenant first to get a feel for the tool.
- Run the advanced simulation to really dig into the data and the dashboard.
- Scan your working tenants and remediate the issues Siemserva surfaces.
Don't have a test tenant? It is fine to skip step 1 and go straight to the simulation.
Either way, Siemserva is read-only. We scan your Microsoft 365 and Entra ID environment, surface findings, and generate the remediation steps for you, but you stay in control. Nothing changes in your tenant unless you run the remediation yourself.
Please use Issues for bug reports and feature requests, and Discussions for questions, ideas, and Q&A. Keeping the conversation in the open lets everyone share ideas and answers, and helps the next person who runs into the same thing.
Built with care. Used with confidence.
We had a blast building Siemserva, and we hope you have just as much fun putting it to work. Go find the risks no one else can.
Happy hunting, The Senserva Team
- 600+ hourly checks and log reviews tied to compliance standards. Easily integrates with the tools you already run.
- Senserva Trustworthy AI turns raw findings into rich reports and time-saving remediation.
- Built for Claude. MCP server for Claude Desktop and Claude Code, or call Claude (or any AI) from inside Siemserva.
- Industrial strength. Continuous, scalable, audit-ready.
Siemserva is free up to 100 users. Beyond that, $99/month covers unlimited users in your tenant.
| Tier | Users | Price |
|---|---|---|
| Free | Up to 100 | $0 |
| Standard | Unlimited | $99/month |
| MVP / MISA | Unlimited | Free |
| 501(c)(3) Non-Profit | Unlimited | Free |
Microsoft MVPs, Microsoft Intelligent Security Association (MISA) members, and registered 501(c)(3) non-profits get Siemserva free at every tier. If you qualify, email info@senserva.com with your MVP profile, MISA membership, or IRS determination letter to activate.
Running it is the best way to learn. Grab the latest release and download the zip for your platform.
# macOS
./siemserva-osx-arm64 --accept-eula --tenantids <your-tenant-id>
# Windows
siemserva-win-x64.exe --accept-eula --tenantids <your-tenant-id>On macOS, make the binary executable first:
chmod +x siemserva-*…or use the included run-siemserva.sh helper.
| Command | What it does |
|---|---|
| (no parameters) | Interactive setup guide |
-? |
Basic parameters |
--full-help |
Detailed help files |
Tip
Not ready to scan a real tenant? Run siemserva-osx-arm64 or siemserva-win-x64 with no parameters to launch demo mode — a realistic database with 1000+ users baked in.
Demo mode works with both Claude (as an MCP) and Siemserva directly. See SiemservaEvaluationGuide.pdf for a walkthrough of the demo data.
It's also great for training. If you can, run it with Claude Desktop — it's the best way to explore the data Siemserva produces.
Note
Please Star and Follow Us The team loves it and appreciates you for doing it!
Your Microsoft Entra ID tenant has hundreds of security settings. Conditional Access policies, privileged roles, app registrations, device compliance, email security, MFA enforcement — each one a potential gap an attacker can exploit.
Siemserva audits all of them in a single scan. No agents to deploy. No complex setup. Just run it and see what needs fixing.
600+ Security Checks across 15+ domains — Identity & MFA, Conditional Access (What-If API, 14-day sign-in replay, 30-point coverage matrix), Privileged Access & PIM, Application Security, Endpoint & Intune (120+ policy settings vs. baselines), Email Security, M365 Workloads (SharePoint, Teams, OneDrive, Exchange), Azure Subscriptions, Logging & Detection, AI & Agent Security (Copilot Agent identity discovery), and more. All mapped to 31 MCSB controls and 81 SCuBA codes.
Live Interactive Dashboard — full-screen terminal dashboard where findings stream in real time as the scan runs. Severity-coded, searchable, with drill-down details and compliance context on every finding. Delta view shows net-new issues since your last scan.
SIEM Mode — continuous monitoring with scheduled scan cycles, multi-tenant support.
Agentic AI-Powered Analysis — context-aware insights, remediation recommendations, and production-ready PowerShell script generation (press P on any finding). Full Scan Analysis for executive and technical summaries, Context-Sensitive Q&A in natural language, and Security Insights on any tab. Direct streaming via the Anthropic Claude API, or copy-paste friendly for any AI tool. Grounded in 170+ engineer-authored remediation guides.
Compliance Mapping — every finding maps to Microsoft Cloud Security Benchmark (MCSB v2, 31 controls) and CISA SCuBA (81 control codes across 7 product families) with evidence links, justifications, and timestamped assessment-ready evidence. Real pass/fail status per control.
Six AI-Enhanced HTML Report Types — Detailed, Compliance, Business Focused Review, Remediation, Audit, and Portfolio. Self-contained HTML with embedded charts, risk heatmaps, and compliance scorecards. One keystroke (Ctrl+R), no dependencies — opens in any browser, prints to PDF.
Scan, Pipe, Automate — split into two composable halves: --scan outputs NDJSON, --reporter consumes any NDJSON source. Full headless pipeline, multi-source dashboard merging, and Maester connector included. Query the SQLite graph database (79 edge types, 341 tables) in C#, Python, or PowerShell.
No Agents Required — read-only access via Microsoft Graph API. Nothing to install on your tenant. All data stays local — no security data transmitted to Senserva or any third party.
Multi-Tenant Support — scan and monitor multiple Entra ID tenants in a single operation. Portfolio cross-tenant reports for MSPs and MSSPs with portfolio-level risk scoring.
| Channel | Use for |
|---|---|
| Report a Bug | Crashes, scan errors, report rendering issues, unexpected behavior |
| Request a Feature | New checks, report improvements, dashboard features |
| Discussions | Questions, ideas, general conversation |
| support@senserva.com | Direct support from the Senserva team |
We prefer public issues and discussions so that other users can benefit from the conversation. Only use email for reports that would reveal confidential information about your organization.
When reporting issues: Do not share tenant IDs, user names, or other personally identifiable information.
Siemserva is built by Senserva, a security company focused on Microsoft Entra ID protection. We build tools that make enterprise identity security accessible, actionable, and thorough.
Product website: https://siemserva.senserva.com/