Frequently Asked Questions

ConfigCobra is a cloud security posture tool that performs automated CIS-based assessments across Microsoft 365, Azure, and Intune. It helps teams detect misconfigurations, follow security baselines, and stay audit-ready.

IT, security, and compliance teams that manage Microsoft 365, Azure, or Intune environments. It is ideal for both SMBs and enterprises that follow CIS Benchmarks or need continuous compliance visibility.

ConfigCobra currently supports CIS Microsoft 365 Foundations Benchmark, CIS Azure Foundations Benchmark, and curated Intune baselines. Additional benchmarks are being added during the early access phase.

Yes. You can run Level 1 (safe, minimal impact) and Level 2 (stricter, security-focused) profiles. Each rule shows its severity and recommended enforcement action.

The platform connects using read-only Microsoft Graph permissions through Azure AD app registration. No password sharing, no agents, and no invasive permissions are required.

We store only metadata required for compliance reporting. No email content, files, or personal mailbox data is stored. All communication is encrypted in transit and at rest.

ConfigCobra runs on Microsoft Azure (EU region), following strict security standards and controlled access policies.

Selected teams get up to 12 months of free access while we refine the platform. You can run unlimited assessments and all new features as they roll out. Acceptance is based on environment size and use case.

After early access ends, ConfigCobra will offer tiered pricing based on number of tenants and active services. There is no credit card required during early access.

Enforcement allows you to apply recommended configurations inside Microsoft 365 and Azure directly from ConfigCobra. It is currently in development and rolling out to early access partners.

Yes. Any scan can be exported as a branded PDF including summaries, rule evaluations, evidence, and remediation recommendations.