Microsoft Office 365 Connector

SaaS Security and Compliance (SSC) enables you to understand the compliance posture of you SaaS applications. For Office 365, you can validate your environment against CIS controls using SSC.  

The Center for Internet Security (CIS) has published CIS benchmarks for O365 that can be validated using SSC.  Several of these controls can only be validated using PowerShell commands executed in the your Azure environment.  

To enable this, you need to install the PowerShell Module (PM) in your Azure environment.   

Prerequisites

1) The instructions involve running a script that uses the Azure CLI. Please make sure you have the Azure CLI installed. If not, please follow the instructions here:

Install the Azure CLI

2) For Windows, please ensure you have a bash terminal installed, for example Cygwin. This is used to execute the script to complete the install.  

3) From the Create Connector wizard, download the qualys_azure_setup.zip zip file. This file contains the required code for the Azure functions that validate individual controls as well as the script to be executed (qualys_azure_installation.sh)

Onscreen instrustions for Office 365 connector

To install PowerShell Module

1 - Unzip the file that yo downloaded from the Create Connector UI

2 - Execute the script qualys_azure_installation.sh

3 - Enter the O365 domain and credentials

Enter O365 domain and credentials

4 - Once you are logged in, choose from one of the displayed subscriptions

choose from one of the displayed subscription

5 - Choose the region in which the functions need to be installed

Choose the region

6 - This will initiate the upload of the functions. This step will take about 10-15 minutes (depending on the network speed). Please do not stop this upload

initiate the upload of the functions

7 - Once the functions are uploaded, at the final step, the Function Name and Function Key are displayed at the console.

Function Name and Function Key are displayed at the console

8 - Test the connection of the “Test URL” in step 7 either on a browser or from the terminal (via a curl command) 

Test the connection

You will see a successful response (responsecode:200) which implies the setup is successful.

9 - Paste the function name and master key – from Step 7 - in the Create Connector  UI and “Test Connection” before you create the connector.

Create Connector in Qualys UI