Claude for Microsoft 365 security

Siemserva by Senserva turns Claude into an agentic AI security analyst for Microsoft 365, Intune, Defender, and Entra ID. Its market-leading MCP lets Claude, or any agentic AI you choose, run all 650+ checks, map CISA SCuBA and MCSB, and apply approve-before-apply agentic remediation, in plain language. No KQL, no clicking through portals.

Fast Start Buy Now Contact Us

Fast Start includes Download and go. No registration required. Going in seconds.

Microsoft Intelligent Security Association (MISA) member

Live Claude session · Senserva MCP

You

Summarize the top risks in my Siemserva scan, worst first.

Senserva MCP

Claude

Top risks across the demo tenant, ranked by real exposure:

Priya Raman holds standing Global Administrator and currently carries a High user-risk rating from Identity Protection, yet no Conditional Access policy challenges or blocks her. Critical.
Marcus Henderson (helpdesk) signed in from an external IP during a bulk password-reset burst, and no Conditional Access policy was evaluated for the session. Critical.
Exchange Server is missing the fix for CVE-2024-21410 (CVSS 9.8, CISA KEV), an actively exploited privilege escalation. Critical.
SALES-IPHONE-044 is jailbroken and still enrolled with access to mail. High.
Marketing Assets in SharePoint has 11 anonymous share links, three over sales contracts. High.

You

Which accounts have standing Global Administrator with no PIM or MFA?

Claude

Three accounts hold permanent Global Administrator. Priya Raman is the standout: permanent assignment (no PIM) and excluded from the MFA Conditional Access policy. Break-Glass Alpha is also permanent, but that is by design and it is correctly excluded from every enabled policy. The third is a named admin with permanent assignment but MFA enforced and a normal sign-in history.

You

Make Priya eligible through PIM and pull her out of the MFA exclusion.

Claude

Here is the validated change. It converts the permanent assignment to time-bound eligible access and removes the account from the Conditional Access exclusion group. Review and approve to apply, then the next scan confirms it is closed.

# 1. Convert standing Global Admin to PIM-eligible (8-hour activation)
$role = Get-MgRoleManagementDirectoryRoleDefinition -Filter "displayName eq 'Global Administrator'"
New-MgRoleManagementDirectoryRoleEligibilityScheduleRequest -BodyParameter @{
    Action           = "adminAssign"
    PrincipalId      = $priyaId
    RoleDefinitionId = $role.Id
    DirectoryScopeId = "/"
    ScheduleInfo     = @{ StartDateTime = (Get-Date);
                          Expiration    = @{ Type = "afterDuration"; Duration = "PT8H" } }
    Justification    = "Move standing Global Admin to time-bound eligible access (Siemserva)"
}

# 2. Remove the account from the MFA Conditional Access exclusion group
Remove-MgGroupMemberByRef -GroupId $mfaExclusionGroupId -DirectoryObjectId $priyaId

You

Show the CISA KEV CVEs with missing patches on my Windows fleet, ranked.

Claude

Ranked by exploitation, not raw CVSS:

CVE-2024-21410 · Exchange Server EoP · CVSS 9.8 · KEV · 1 host
CVE-2023-23397 · Outlook NTLM credential leak, exploited by APT28 · KEV · 6 hosts
CVE-2024-49039 · Task Scheduler EoP · KEV · 14 hosts
CVE-2025-29824 · CLFS driver EoP · KEV · 9 hosts

KEV and EPSS push these four above the 180 lower-risk CVEs in the same scan.

You

Which Intune devices are non-compliant, and why?

Claude

23 of 142 enrolled devices are non-compliant. The ones that matter: SALES-IPHONE-044 is jailbroken, which fails every compliance rule outright. Two Samsung Galaxy S23 handsets are three security patch levels behind. Four Windows laptops have BitLocker off. The rest are missing the latest cumulative update and will clear on the next patch ring.

You

Where are we failing CISA SCuBA, and draft the fix for the worst one.

Claude

Top SCuBA gaps: device code flow is not blocked, Microsoft Graph has no MFA requirement, and legacy authentication is still allowed. The highest impact is the Graph API MFA gap. Here is a report-only policy to start, scoped to exclude break-glass:

# Require MFA for Microsoft Graph (SCuBA MS.AAD.3), report-only first
New-MgIdentityConditionalAccessPolicy -BodyParameter @{
    DisplayName = "Require MFA for Microsoft Graph (Siemserva)"
    State       = "enabledForReportingButNotEnforced"
    Conditions  = @{
        Applications = @{ IncludeApplications = @("00000003-0000-0000-c000-000000000000") }
        Users        = @{ IncludeUsers = @("All"); ExcludeGroups = @($breakGlassGroupId) }
    }
    GrantControls = @{ Operator = "OR"; BuiltInControls = @("mfa") }
}

You

Summarize this for the board in two lines.

Claude

Two critical identity exposures, a high-risk standing Global Admin and an unprotected helpdesk sign-in, plus one actively exploited Exchange CVE are the priorities this week. All three have validated fixes drafted and waiting for approval, and the next scan will confirm closure.

A real session against the demo tenant: ask in plain language, get grounded findings and validated, approve-before-apply fixes.

How the Senserva MCP turns any AI into an agentic analyst

Under the hood, Siemserva builds your tenant as a living graph, 110+ node tables and 70+ edge tables capturing identity, devices, apps, roles, Conditional Access, patches, and CVEs, and the relationships between them. That structure is why scans are richer and the agentic AI is smarter: it reasons across how your environment actually connects, not a flat checklist, so answers and agentic remediations reflect real blast radius and root cause. The same graph drives continuous security drift management, and the platform comes from founder Mark Shavlik, who built HfNetChk and MBSA at Shavlik Technologies.

A quick install puts the real Claude on a rich simulated tenant at no cost, so you can try the whole agentic AI workflow free. It stays low cost in production, too: you bring your own model, so there is no AI markup, and the rich data model means the agentic AI answers from real findings with fewer calls. Register free to run your own tenant. One longtime customer retired their home-grown PowerShell scripts and now lets Siemserva and Claude handle agentic remediation, reclaiming around 80 percent of the hours they used to spend on hand-rolled tooling.

Frequently asked: Claude and Microsoft 365 security

Can Claude actually remediate Microsoft 365 issues?

Yes. Through the Siemserva MCP, Claude generates automated, Senserva-validated remediation for each finding, often ready-to-run PowerShell, tuned to your tenant. It is automated where it helps and never unattended: you review and approve, and the next scan proves the gap is closed.

What can I ask Claude about my Microsoft 365 security?

Anything in your scan, in plain language: Conditional Access gaps, missing MFA, risky apps and OAuth grants, standing privileged roles, Intune device compliance, CVEs and missing patches ranked by CISA KEV and EPSS, and CISA SCuBA or MCSB compliance posture.

Does it work with CISA SCuBA and ScubaGear?

Yes. Siemserva aligns to the CISA SCuBA baselines and maps every finding to SCuBA and MCSB, so you can ask Claude where you fail SCuBA and how to fix it. It complements CISA ScubaGear by adding ranking, reporting, and validated remediation.

Does it work with Maester and the Microsoft Zero Trust Assessment?

Yes. Import your Maester or Microsoft Zero Trust Assessment results into Siemserva and Claude can rank and remediate them alongside the 650+ native checks, in one model.

Is it safe to run Microsoft 365 from Claude?

Yes. This is Senserva Trustworthy AI: you bring your own model, your data stays local, reads are least-privilege, every fix is grounded in your real findings and validated, and nothing changes without your approval.

Do I need to write KQL or PowerShell?

No. You ask in plain language. Claude reasons over your Siemserva security graph and generates the fix for you, which you review and apply from the UI or from Claude through the MCP.

Claude for Microsoft 365 security

Watch Claude run Siemserva

Why Claude plus Senserva, and not Claude alone

Runs locally, your data stays put

Grounded in 650+ checks, not guesses

You approve every remediation

Claude and the Senserva MCP, in action

How the Senserva MCP turns any AI into an agentic analyst

Try it free, no key needed

Works with Maester, ScubaGear, and the Zero Trust Assessment

Frequently asked: Claude and Microsoft 365 security

Explore the AI Enhanced suite