Microsoft Subscriptions

Cloud infrastructure requires as much attention as on-premises. With Cygna Auditor, you can secure your data stored in SharePoint Online and OneDrive for Business, trace activity in Teams, and gain transparency in your Entra ID and Exchange Online operations and permissions. Cygna Auditor helps you detect potential threats and mitigate the risk of attacks aimed at your Microsoft Subscription and Microsoft 365 apps.

Start Collecting Data

  1. On the Cygna Auditor home page, select Auditor / Configuration and then drill down to Microsoft Subscriptions.

  2. Click to add a Microsoft 365 organization.
  3. Provide a name and description for the tenant and the tenant ID found in Entra ID.

  4. You may collect data using an Entra ID application in your tenant or by using a Cygna Auditor Enterprise application. The Enterprise application is scheduled to be deprecated and is not recommended for new installations. Refer to Configuring a Microsoft Subscription application for instructions on how to create and authorize an application in your tenant.

    To use the legacy Enterprise application, Authorize yourself to deploy the Cygna Labs application in Microsoft 365. The user you specify must have sufficient permissions to deploy applications in Microsoft 365, i.e. be granted the Global administrator role in your Entra ID domains.

    If you are interested in auditing Entra ID and performing recovery operations, perform additional configuration steps. See Configuring Settings for Azure.

  5. Specify the polling interval. By default, 10 minutes. This value controls how often Cygna Auditor will check for updates in your Microsoft 365 apps.
  6. Ensure the Enabled column is active.
  7. Check connectivity. Click Verify to ensure Cygna Auditor has access to these resources:

    8. cygnacloud.azurewebsites.net (GET and POST)

    graph.microsoft.com (GET only)

    login.microsoftonline.com (GET only)

    login.windows.net (GET only)

    *.microsoftonline-p.com (GET only)

    manage.office.com (GET only)

    management.azure.com (GET only)

Once you configure Microsoft Subscription settings, data collection will start automatically for Entra ID, including sign-in monitoring, Exchange Online, SharePoint Online, etc.

Continue reading:

Dashboard

Auditing

Reports