November 08, 2024
Overview of SmartProfiler product family, supported technologies and security frameworks.
The SmartProfier Security Document is designed for Security and Compliance teams. Download document to understand location of data, data privacy and many other items.
Supported Technologies and security frameworks By SmartProfiler-SecID
Permissions Required by SmartProfiler SecID for executing assessments for Microsoft Technologies. The permission sheet contains Application Permissions needed for Entra App.
Assessment Requirements for each Technology supported by SmartProfiler.
Below Permissions are required for Microsoft 365 CIS v4.0.0, Microsoft Azure CIS v2.1.0,Microsoft Azure Entra ID SP v1.0,Microsoft Azure Infra SP v1.0,Azure Database Services CIS v1.0.0,Azure Compute Services CIS v1.0.0,Azure Kubernetes Service CIS v1.5.0,Microsoft AVD Assessment,InTune-iOS ORG CIS v1.1.0,Intune for Windows 11 CIS v3.0.1,Microsoft Windows 10 CIS v3.0.0
| Permission | Type | Microsoft 365 CIS v3.1.0 | Microsoft Azure CIS v2.1.0 | Microsoft Azure Entra ID SP v1.0 | Microsoft Azure Infra SP v1.0 | Azure Database Services CIS v1.0.0 | Azure Compute Services CIS v1.0.0 | Microsoft AVD Assessment | Microsoft FSLogix Assessment | InTune-iOS BYOD CIS v1.1.0 | InTune-iOS ORG CIS v1.1.0 | Intune for Windows 11 CIS v3.0.1 | Microsoft Windows 10 CIS v3.0.0 | |
| AccessReview.Read.All | Permission | Required | NA | NA | NA | NA | NA | NA | NA | NA | NA | NA | NA | |
| AuditLog.Read.All | Permission | Required | Required | NA | NA | Required | Required | NA | NA | NA | NA | NA | NA | |
| AuthenticationContext.Read.All | Permission | Required | Required | NA | NA | Required | Required | NA | NA | NA | NA | NA | NA | |
| Directory.Read.All | Permission | Required | Required | Required | Required | Required | Required | NA | NA | NA | NA | NA | NA | |
| DirectoryRecommendations.Read.All | Permission | Required | Required | NA | NA | Required | Required | NA | NA | NA | NA | NA | NA | |
| IdentityProvider.Read.All | Permission | Required | Required | Required | Required | Required | Required | NA | NA | NA | NA | NA | NA | |
| IdentityRiskyUser.Read.All | Permission | Required | Required | NA | NA | Required | Required | NA | NA | NA | NA | NA | NA | |
| MailboxSettings.Read | Permission | Required | NA | NA | NA | NA | NA | NA | NA | NA | NA | NA | NA | |
| MultiTenantOrganization.Read.All | Permission | Required | NA | NA | NA | NA | NA | NA | NA | NA | NA | NA | NA | |
| MultiTenantOrganization.ReadBasic.All | Permission | Required | Required | NA | NA | Required | Required | NA | NA | NA | NA | NA | NA | |
| OnPremDirectorySynchronization.Read.All | Permission | Required | Required | Required | Required | Required | Required | NA | NA | NA | NA | NA | NA | |
| Organization.Read.All | Permission | Required | Required | NA | NA | Required | Required | Required | Required | NA | NA | NA | NA | |
| Policy.Read.All | Permission | Required | Required | Required | Required | Required | Required | NA | NA | NA | NA | NA | NA | |
| Policy.Read.ConditionalAccess | Permission | Required | Required | NA | NA | Required | Required | NA | NA | NA | NA | NA | NA | |
| RoleManagement.Read.All | Permission | Required | Required | Required | Required | Required | Required | NA | NA | NA | NA | NA | NA | |
| SecurityActions.Read.All | Permission | Required | NA | NA | NA | NA | NA | NA | NA | NA | NA | NA | NA | |
| SecurityEvents.Read.All | Permission | Required | NA | Required | Required | NA | NA | NA | NA | NA | NA | NA | NA | |
| SharePointTenantSettings.Read.All | Permission | Required | NA | NA | NA | NA | NA | NA | NA | NA | NA | NA | NA | |
| ThreatIndicators.Read.All | Permission | Required | NA | NA | NA | NA | NA | NA | NA | NA | NA | NA | NA | |
| User.Read | Permission | Required | Required | NA | NA | Required | Required | Required | Required | NA | NA | NA | NA | |
| User.Read.All | Permission | Required | Required | Required | Required | Required | Required | Required | Required | NA | NA | NA | NA | |
| UserAuthenticationMethod.Read.All | Permission | Required | Required | Required | Required | Required | Required | NA | NA | NA | NA | NA | NA | |
| RoleAssignmentSchedule.Read.Directory | Permission | Required | Required | Required | Required | Required | Required | NA | NA | NA | NA | NA | NA | |
| DeviceManagementManagedDevices.Read.All | Permission | NA | NA | NA | NA | NA | NA | NA | NA | Required | Required | Required | Required | |
| DeviceManagementApps.Read.All | Permission | NA | NA | NA | NA | NA | NA | NA | NA | Required | Required | Required | Required | |
| DeviceManagementServiceConfig.Read.All | Permission | NA | NA | NA | NA | NA | NA | NA | NA | Required | Required | Required | Required | |
| DeviceManagementConfiguration.Read.All | Permission | NA | NA | NA | NA | NA | NA | NA | NA | Required | Required | Required | Required | |
| Application.Read.All | Permission | Required | NA | NA | NA | NA | NA | Required | Required | NA | NA | NA | NA | |
| GroupMember.Read.All | Permission | NA | NA | NA | NA | NA | NA | Required | Required | NA | NA | NA | NA | |
| User.ReadBasic.All | Permission | NA | NA | NA | NA | NA | NA | Required | Required | NA | NA | NA | NA | |
| Reader | IAM Role | Required | Required | Required | Required | Required | Required | Required | Required | NA | NA | NA | NA | |
| Key Vault Reader | IAM Role | NA | Required | NA | NA | Required | Required | NA | NA | NA | NA | NA | NA | |
| Reader and Data Access | IAM Role | NA | Required | NA | NA | Required | Required | NA | NA | NA | NA | NA | NA | |
| Compliance Administrator | M365 Role | Required | NA | NA | NA | NA | NA | NA | NA | NA | NA | NA | NA | |
| Compliance Data Administrator | M365 Role | Required | NA | NA | NA | NA | NA | NA | NA | NA | NA | NA | NA | |
| Global Reader | M365 Role | Required | NA | NA | NA | NA | NA | NA | NA | NA | NA | NA | NA | |
| Sharepoint Administrator | M365 Role | Required | NA | NA | NA | NA | NA | NA | NA | NA | NA | NA | NA |