baref00t.io

// packs / endpoint-intune

Endpoint / Intune Compliance Pack

Global

Endpoint Pack | Global

Device posture is the second most common breach entry point. Deep-dive into your Intune enrolment, compliance, patching, and encryption coverage.

One-off
$349

Single report, no commitment.

Monthly
$229/month

Continuous monitoring — fresh report every 30 days.

Available in AUD, USD, GBP, EUR, SGD. MSP partners get volume discounts via the partner programme.

What it scores

EI1

Enrolment coverage

enrolled vs detected devices, stale enrolments

EI2

Compliance policies

per-platform coverage, compliance state breakdown

EI3

Update rings

Windows Update for Business, feature/quality deferrals

EI4

Encryption

BitLocker enforcement, FileVault, device encryption %

EI5

Application control

approved app lists, WDAC, app protection policies

EI6

Configuration profiles

security baselines, antivirus, firewall policies

Microsoft APIs

  • Microsoft Graph (universal scopes, read-only across the tenant)
  • Azure REST (when the product reads Azure subscription posture)
  • Defender + Intune APIs where applicable

Customer prerequisites

  • Microsoft 365 tenant with admin-consent capability
  • Global Reader or equivalent for the consenting admin
  • No agent installs, no infrastructure changes required
  • Report delivered by email within 10 minutes of consent

Other Packs

entra-hardening
Entra ID / Identity Hardening Pack

Deep-dive into your identity attack surface — the #1 breach vector. Six dimensions covering every aspect of your Entra I

email-security
Email Security Pack

Full email attack surface analysis — spoofing, phishing, data leakage, and mail flow hygiene across your Microsoft 365 t

sharepoint-oversharing
SharePoint & Data Oversharing Pack

Find where your sensitive data is exposed right now — misconfigured sharing, labelling gaps, guest sprawl, and excessive

See all Security & Industry Packs