v0.1.0 — Phase 1 stabilization
First tagged release. Phase 1 stabilization complete.
What's working
./run-audit.ps1orchestrates all 5 phase audits against a real M365 tenant + Azure subscription + Cloudflare-managed DNS zone, producing structured JSON findings per phase and an aggregated markdown report.- 114 Pester tests passing covering Finding module behavior + repo-wide structural integrity.
- 5 audit scripts emit findings conformant to
SCHEMA.mdv1.0.0. - 6 baseline Conditional Access policy JSONs, 5 MITRE-mapped Sentinel ARM templates, 10 KQL hunting drills.
- 4 remediation PowerShell templates for Defender O365 + DNS deployment via Cloudflare.
- Generate-Report aggregates per-phase JSON into markdown with executive summary, ranked gap list, and framework coverage matrix.
Known limitations (will address in v0.2+)
- No mock mode yet — running
./run-audit.ps1requires an actual Azure subscription + Microsoft 365 tenant and az login. Mock mode arrives in v0.2. - Per-domain checks are intentionally shallow at this point (~5-7 per domain). Depth expansion across all 5 domains is v0.3-v0.5.
- No GitHub Actions matrix across PS5.1/PS7 platforms yet. v0.5.
- Defender for Office 365 audit requires
ExchangeOnlineManagementPowerShell module — handled gracefully viaOUT_OF_SCOPEfinding when missing.
Repository status
Private. Public release targeted at v1.0 per ROADMAP.md.
Schema
SCHEMA.md version 1.0.0. Stable contract; future schema changes will bump the major version and be flagged in release notes.