Automated BOD-25-01 CISA Microsoft Policies MCPServer

DynamicEndpoints
GitHub
SecurityMicrosoft 365Compliance

Loading subscription status...

💡 Description

This MCP server provides tools for configuring and managing the security of Microsoft 365 according to the requirements of BOD 25-01. It integrates with the Microsoft Graph API to apply security controls, monitor compliance, and generate detailed reports.

📝 JSON Entries

{
  "mcpServers": [
    {
      "cisa-m365": {
        "env": {
          "CLIENT_ID": "your-client-id",
          "TENANT_ID": "your-tenant-id",
          "CLIENT_SECRET": "your-client-secret"
        },
        "args": [
          "path/to/cisa-m365/build/index.js"
        ],
        "command": "node"
      }
    }
  ]
}

🛠️ Tools

restrict_app_registrationconfigure_global_adminsrestrict_app_consentconfigure_admin_alertsdisable_password_expiryenforce_granular_rolescomplete_auth_methods_migrationenforce_privileged_mfa

Features

  • Legacy authentication blocking
  • Conditions for high-risk user logins
  • Multi-factor authentication setup
  • Password policy management
  • Privileged role management

💬 Example Queries

  • Block legacy authentication
  • Get the current status of all security policies