All My Organizations
Combined compliance overview across all your organizations. Click an organization card to switch to it.
My Dashboard
Your assigned controls, overrides, comments, and recent activity.
Customize your view by adding, removing, or reordering widgets. Drag to rearrange.
Add Widget
Compliance Posture
Compliance Trend
By Application
Security Operations
GRC & Tasks
GRC Status
No controls loaded
Import a scan JSON or run a cloud scan to view controls.
| Status | Control | Zone | Framework | L | Title | Risk | Summary | Actions |
|---|---|---|---|---|---|---|---|---|
Controls
Control Catalog
| Control # | Title | Zone | Framework | L | Method | Actions |
|---|---|---|---|---|---|---|
Frameworks & Compliance Zones
Compliance Zones
Compliance Zones define which applications and platforms are in scope for your organization. Zones selected under Applicable Compliance Zones (Compliance Config > Settings) determine what appears in reports and compliance calculations. Mark a zone as Primary to feature it prominently on the dashboard and in report details.
| Name | Category | Type | Controls | Compliance | Pass | Fail | Manual | Actions |
|---|---|---|---|---|---|---|---|---|
Authorities
Authorities are the organizations that publish security frameworks and benchmarks (e.g. CIS, CISA, DISA, NIST). Each framework references an authority.
| Name | Abbreviation | Description | Frameworks | Website | Actions |
|---|---|---|---|---|---|
Frameworks
| Name | Authority | Type | Controls | Actions |
|---|---|---|---|---|
Compliance Standards
| Name | Authority | Version | Category | Coverage | Actions |
|---|---|---|---|---|---|
No overrides
Import a ManualOverrides.json or add overrides directly from the Controls view.
Import sources:
- M365_Audit_*.json · Bundle exports
- Cisco IOS · Palo Alto · Fortinet · Juniper · Generic
- DISA STIG Viewer: .ckl · XCCDF / Nessus / SCC .xml
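What a .ckl import actually has to read, as an added example (this is not TATER's importer). It assumes the STIG Viewer 2.x checklist layout: CHECKLIST > ASSET (HOST_NAME, HOST_IP) and CHECKLIST > STIGS > iSTIG > VULN, where each VULN carries STIG_DATA pairs (VULN_ATTRIBUTE / ATTRIBUTE_DATA), a STATUS of Open, NotAFinding, Not_Applicable or Not_Reviewed, and free-text FINDING_DETAILS. The checklist, the rule titles and the Pass/Fail/Manual status mapping below are constructed for this example.

```python
"""Parse a DISA STIG Viewer .ckl checklist into per-rule findings and summarise them."""
import xml.etree.ElementTree as ET
from collections import Counter
from dataclasses import dataclass

# CKL STATUS values -> status vocabulary used by this example (mapping is an assumption).
STATUS_MAP = {"Open": "Fail", "NotAFinding": "Pass",
              "Not_Applicable": "NotApplicable", "Not_Reviewed": "Manual"}
# DISA severity -> STIG category used for the Risk column.
CATEGORY = {"high": "CAT I", "medium": "CAT II", "low": "CAT III"}

# Constructed sample checklist: one open finding, one closed, one not yet reviewed.
SAMPLE_CKL = """<CHECKLIST>
<ASSET><HOST_NAME>ws01.example.internal</HOST_NAME><HOST_IP>10.0.0.5</HOST_IP></ASSET>
<STIGS><iSTIG>
<STIG_INFO><SI_DATA><SID_NAME>title</SID_NAME><SID_DATA>Example STIG (constructed)</SID_DATA></SI_DATA></STIG_INFO>
<VULN>
<STIG_DATA><VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE><ATTRIBUTE_DATA>V-000001</ATTRIBUTE_DATA></STIG_DATA>
<STIG_DATA><VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE><ATTRIBUTE_DATA>high</ATTRIBUTE_DATA></STIG_DATA>
<STIG_DATA><VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE><ATTRIBUTE_DATA>Account lockout threshold must be configured</ATTRIBUTE_DATA></STIG_DATA>
<STATUS>Open</STATUS><FINDING_DETAILS>Lockout threshold is 0.</FINDING_DETAILS><COMMENTS/>
</VULN>
<VULN>
<STIG_DATA><VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE><ATTRIBUTE_DATA>V-000002</ATTRIBUTE_DATA></STIG_DATA>
<STIG_DATA><VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE><ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA></STIG_DATA>
<STIG_DATA><VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE><ATTRIBUTE_DATA>SMBv1 must be disabled</ATTRIBUTE_DATA></STIG_DATA>
<STATUS>NotAFinding</STATUS><FINDING_DETAILS>Feature removed.</FINDING_DETAILS><COMMENTS/>
</VULN>
<VULN>
<STIG_DATA><VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE><ATTRIBUTE_DATA>V-000003</ATTRIBUTE_DATA></STIG_DATA>
<STIG_DATA><VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE><ATTRIBUTE_DATA>low</ATTRIBUTE_DATA></STIG_DATA>
<STIG_DATA><VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE><ATTRIBUTE_DATA>Logon banner must be displayed</ATTRIBUTE_DATA></STIG_DATA>
<STATUS>Not_Reviewed</STATUS><FINDING_DETAILS/><COMMENTS/>
</VULN>
</iSTIG></STIGS>
</CHECKLIST>"""


@dataclass
class Finding:
    host: str
    vuln_id: str
    rule_title: str
    severity: str
    category: str
    status: str
    details: str


def _attr(vuln, name):
    """Return ATTRIBUTE_DATA of the STIG_DATA pair whose VULN_ATTRIBUTE equals name."""
    for sd in vuln.findall("STIG_DATA"):
        if sd.findtext("VULN_ATTRIBUTE") == name:
            return (sd.findtext("ATTRIBUTE_DATA") or "").strip()
    return ""


def parse_ckl(text):
    """Parse CKL text; rejects non-checklist XML and unknown STATUS values instead of guessing."""
    root = ET.fromstring(text)
    if root.tag != "CHECKLIST":
        raise ValueError(f"not a CKL document: root element is <{root.tag}>")
    host = (root.findtext("ASSET/HOST_NAME") or "").strip()
    findings = []
    for vuln in root.iter("VULN"):
        raw = (vuln.findtext("STATUS") or "").strip()
        if raw not in STATUS_MAP:
            raise ValueError(f"unknown STATUS {raw!r} on {_attr(vuln, 'Vuln_Num')}")
        sev = _attr(vuln, "Severity").lower()
        findings.append(Finding(host, _attr(vuln, "Vuln_Num"), _attr(vuln, "Rule_Title"),
                                sev, CATEGORY.get(sev, "unknown"), STATUS_MAP[raw],
                                (vuln.findtext("FINDING_DETAILS") or "").strip()))
    return findings


def summarize(findings):
    """Count findings per mapped status, e.g. {'Fail': 1, 'Pass': 1, 'Manual': 1}."""
    return dict(Counter(f.status for f in findings))
```

When reading a real checklist from disk, open it with encoding="utf-8-sig": STIG Viewer writes a UTF-8 byte-order mark, and ElementTree rejects a BOM that arrives inside a str. Not_Reviewed rules are the ones that land in Manual Review; failing closed on an unknown STATUS is deliberate, since silently treating it as a pass would inflate the compliance figure.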
Scan History
| Name | Groups | Organizations | Actions |
|---|---|---|---|
Manage client organizations and user access.
All registered users across organizations.
| Name | Organizations | Last Active | Actions |
|---|---|---|---|
| Timestamp | Initiated By | Action | Category | Affected Entity | Details |
|---|---|---|---|---|---|
Profile
Preferences
Assigned Reviews
Activity History
Trust Center
Showcase your organization's compliance posture, certifications, and security practices. Publish to create a shareable public link.
Organization Profile
Certifications & Standards
Select which compliance standards to showcase publicly.
Security Practices
Compliance Summary
Choose which frameworks to include in the public compliance summary.
Sub-processors
Third parties that process data on your behalf, shown publicly.
Documents
SOC 2 / pentest / policy links. NDA-gated docs require visitors to accept confidentiality terms; access is logged.
Preview
Self-Serve Q&A
Publish answers from your Knowledge Base so prospects can ask security questions on your public Trust Center and get instant answers — deflecting inbound questionnaires.
Policy Template Library
Manage and share organizational security policies. Publish to create a shareable public policy portal.
| Policy | Category | Status | Version | Owner | Last Reviewed | Actions |
|---|---|---|---|---|---|---|
Security Questionnaires
Manage client and vendor security questionnaires. Use AI Assist to generate draft responses from your compliance data.
| Questionnaire | Client / Vendor | Status | Due Date | Progress | Actions |
|---|---|---|---|---|---|
Device inventory, vulnerabilities, and CISA KEV alerts from Defender for Endpoint
No endpoint scan data
Run an endpoint vulnerability scan from Azure Automation to populate this dashboard.
TATER Tuning
Non-human identity monitoring: app registrations, service principals, and managed identities
No identity data
Run an M365 cloud scan to collect non-human identity inventory.
Periodically certify user access across your organization. Create campaigns to review and approve or deny user access.
| Campaign | Scope | Status | Due Date | Progress | Actions |
|---|---|---|---|---|---|
| Name | Role | Last Login | Flags | Decision | Justification | Actions |
|---|---|---|---|---|---|---|
Track and assess third-party vendors, their risk profiles, compliance certifications, and assessment status.
Vendor RFPs
Weighted-criteria evaluations across candidate vendors. Score, compare, and award.
Contract Renewals
Vendor contracts expiring within the window. Overdue renewals surface in red. Click a contract to renew or edit.
Vendor Security Ratings
Third-party security ratings across BitSight / SecurityScorecard / UpGuard / RiskRecon / Panorays / Whistic / manual. Sorted lowest-first so the riskiest vendors appear at the top.
Active Projects / Engagements
Active workstreams (migrations, cutovers, IdP changes, network changes, Intune deployments). Agents check this list FIRST when triaging end-user symptoms - active projects are the most likely cause of unfamiliar issues. Document common symptoms and known issues here so future sessions surface them.
| Name | Status | Dates | Tags | Linked |
|---|---|---|---|---|
Track the recurring oversight meetings your compliance program requires — security threat review, management review, access review, change advisory board, vendor review, incident review, BCP/DR, training, policy. Each meeting maps to the SOC 2 / ISO 27001 control it evidences; TATER tells you when one is due or overdue and keeps the attendee list, agenda, minutes, and decisions as audit evidence.
Inventory every AI system you use, classify it under the EU AI Act, and track your ISO 42001 / NIST AI RMF / EU AI Act control posture. The hottest 2026 compliance category — and TATER speaks AI natively.
Identify, assess, and track organizational risks with linked controls and vendors.
Manage control exceptions and waivers with formal approval workflows and automatic expiration.
Track framework updates, version changes, and their impact on your compliance posture.
| Framework | Version Change | Date | Status | Affected | Actions |
|---|---|---|---|---|---|
Approval workflow for High and Critical impact control changes. Low/Medium changes are auto-approved.
| Control | Description | Impact | Type | Status | Requested By | Date | Actions |
|---|---|---|---|---|---|---|---|
Log Change
High and Critical changes require OrgAdmin approval before being accepted.
Review Change Request
Your client audit engagements. Connect Claude to TATER's MCP and hand it a client's evidence files — Claude reads each file and records it as evidence mapped to the SOC 2 Trust Services Criteria. Track coverage, fill gaps, and write workpapers. Works whether or not the client is a TATER customer.
Plan, execute, and track internal and external audits with findings and corrective action plans.
Auto Remediation
Controls with available remediation scripts. Trigger automated fixes directly from here.
Remediation History
Endpoint Hardening Plan
Select controls to auto-build your remediation plan. Each selection generates the script or Intune configuration inline.
Incident Response Playbooks
Step-by-step response procedures for M365 security incidents.
Ticketing Integration
Connect to Jira, ServiceNow, or a generic webhook to create tickets from failing compliance controls.
Global Settings
Global application settings that apply to all organizations. Only Super Admins can modify these values.
Connect a New Tenant
Grant TATER the permissions it needs to scan your Microsoft 365 environment. A Global Administrator must complete this step.
What permissions will be granted?
Microsoft Tenant IDs
Used to generate scan commands and cross-reference audit results.
+ Directory Search Credentials (optional)
App registration with User.Read.All (Application) permission. You can also add these later via Edit.
Pick the tier matching this tenant's Microsoft cloud. A wrong choice causes Graph 401 or DNS resolution errors during scans, because each cloud has its own login and Graph endpoints (for example, GCC High uses graph.microsoft.us and DoD uses dod-graph.microsoft.us instead of graph.microsoft.com).
API Keys
Generate API keys for the TATER Compliance Agent. Keys are shown once at creation - copy immediately and keep the key in a secrets manager rather than in scripts or tickets. Revoked keys stop working immediately.
Client Configuration
Use these values to configure the TATER Compliance Agent on endpoint machines. You can also download a pre-configured config.json file.
Applicable Compliance Zones
Select which applications are relevant to your organization. Only selected zones appear in reports and compliance calculations. The zone marked as Primary (set on the Compliance Zones page) is used for report details and featured on the dashboard. Leave all unchecked to include everything.
Automated Remediation
Configure automated remediation for your organization. When enabled, the Remediate button on controls will trigger Azure Automation runbooks to apply fixes automatically.
Remediation SLA Targets
Define maximum remediation time targets per severity level. Controls exceeding these targets are flagged as SLA breaches on dashboards and the remediation page.
Remediation & Detection Reassessment
Regularly reassess your automated remediation coverage and detection capabilities as user submissions, AI agent findings, and scan results accumulate. This cadence ensures your automation stays current with the evolving control landscape.
- Review all controls with Manual Review status - determine if automation is now possible based on recent submissions
- Check AI agent evidence comments for patterns indicating new remediation opportunities
- Evaluate new compliance controls added in the last quarter - add remediation scripts where feasible
- Test existing remediation scripts against the latest OS/service versions in your environment
- Review detection rules in Defender and SIEM - update to capture new attack techniques from ITDR findings
- Cross-reference CISA KEV with your installed software inventory - ensure automated patching covers newly added KEV entries
SIEM Integration
Forward audit events to external Security Information and Event Management (SIEM) systems via syslog or webhook.
Syslog / CEF
Sends events in CEF (Common Event Format) inside RFC 5424 syslog messages over UDP or TCP. UDP delivery is unacknowledged, so dropped or truncated datagrams are lost silently; use TCP for audit events that must arrive complete. Compatible with: Microsoft Sentinel, IBM QRadar, ArcSight (Micro Focus / OpenText), LogRhythm SIEM, Fortinet FortiSIEM, Elastic Security SIEM, Rapid7 InsightIDR, Blumira, AT&T AlienVault USM Anywhere, Trellix (McAfee) ESM, SolarWinds Security Event Manager (SEM), ManageEngine Log360, Graylog, Sumo Logic, Datadog, Palo Alto Cortex XSIAM, Exabeam, and Securonix.
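The two details that decide whether a SIEM parses these events correctly are the CEF escaping rules and the syslog framing, so here is an added example of both (this is not TATER's forwarder). The vendor and product strings, the extension keys and the sample event are this example's assumptions; the escaping follows the CEF specification (in the seven header fields escape backslash and pipe; in the extension escape backslash, equals sign and line breaks), the envelope is RFC 5424, and TCP uses RFC 6587 octet counting.

```python
"""Build CEF audit events, wrap them in RFC 5424 syslog, and parse them back."""
import re
from datetime import datetime, timezone

_EXT_KEY = re.compile(r"^[A-Za-z0-9_.]+$")   # extension keys may not contain spaces or '='


def _esc_header(value):
    return str(value).replace("\\", "\\\\").replace("|", "\\|")


def _esc_ext(value):
    return (str(value).replace("\\", "\\\\").replace("=", "\\=")
            .replace("\r", "\\r").replace("\n", "\\n"))


def build_cef(vendor, product, version, event_class, name, severity, ext):
    """Return 'CEF:0|Vendor|Product|Version|Class|Name|Severity|key=value ...'."""
    if not 0 <= int(severity) <= 10:
        raise ValueError("CEF severity must be 0-10")
    bad = [k for k in ext if not _EXT_KEY.match(k)]
    if bad:
        raise ValueError(f"invalid extension keys: {bad}")
    header = "|".join(_esc_header(v) for v in
                      (vendor, product, version, event_class, name, severity))
    extension = " ".join(f"{k}={_esc_ext(v)}" for k, v in ext.items())
    return f"CEF:0|{header}|{extension}"


def split_cef_header(line):
    """Split a CEF line into its 7 header fields plus the raw extension, honouring escapes."""
    fields, cur, i = [], [], 0
    while i < len(line) and len(fields) < 7:
        ch = line[i]
        if ch == "\\" and i + 1 < len(line):     # escaped character: keep it literally
            cur.append(line[i + 1])
            i += 2
        elif ch == "|":                         # unescaped pipe ends a header field
            fields.append("".join(cur))
            cur = []
            i += 1
        else:
            cur.append(ch)
            i += 1
    if len(fields) != 7:
        raise ValueError("malformed CEF header")
    return fields, line[i:]


def build_syslog(msg, facility=13, severity=6, hostname="tater-app",
                 app="TATER", msgid="AUDIT", ts=None):
    """RFC 5424: <PRI>1 TIMESTAMP HOSTNAME APP-NAME PROCID MSGID STRUCTURED-DATA MSG."""
    ts = ts or datetime.now(timezone.utc)
    stamp = ts.astimezone(timezone.utc).isoformat(timespec="milliseconds").replace("+00:00", "Z")
    return f"<{facility * 8 + severity}>1 {stamp} {hostname} {app} - {msgid} - {msg}"


def frame_tcp(line):
    """RFC 6587 octet-counting framing for TCP syslog: '<byte-length> <msg>'. UDP sends the bare line."""
    data = line.encode("utf-8")
    return f"{len(data)} ".encode("ascii") + data


# Constructed sample: a failing control whose title contains a pipe and whose
# detail contains '=' and a newline, the characters that break naive forwarders.
# The control id and user are made up for the example.
SAMPLE = build_cef("TATER", "Compliance", "1.0", "control.fail",
                   "Control failed | MFA for admins", 7,
                   {"cs1Label": "control", "cs1": "ENTRA-MFA-001",
                    "msg": "expected=required\nactual=optional",
                    "suser": "scanner@example.com"})
SAMPLE_TS = datetime(2026, 1, 2, 3, 4, 5, tzinfo=timezone.utc)
SAMPLE_SYSLOG = build_syslog(SAMPLE, ts=SAMPLE_TS)
```

Facility 13 is "log audit", which is what most collectors expect for this kind of event. Over UDP the whole syslog line must fit one datagram, so keep extension values short; over TCP the octet count tells the collector where each message ends even when a value legitimately contains a newline escape.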
Webhook
Control Script Template
This template is used when generating stub scripts from the Catalog. Edit it to match your conventions, then save. The stub generator will fill in your control metadata automatically.
Recycle Bin
Deleted items are kept here until permanently removed. Restore to bring them back.
Sample Data
Create demo organizations with sample data for testing and evaluation.
Compliance Score Widget
Embed a read-only compliance score badge on internal dashboards or portals.
Content Provenance Audit
Audit catalog control text for CIS-derived language. Heuristic checks identify which controls need rewriting in TATER's voice for commercial licensing independence (ADO #401). Set CIS_REFERENCE_CORPUS_PATH on the Function App to enable verbatim n-gram matching against a local CIS corpus.
TATER Setup
A guided checklist for getting TATER configured for your tenant. Items adapt to your Microsoft cloud tier, MSP status, and integrations. Progress saves automatically; finishing the list earns the Fully Onboarded achievement.
Pick the tier that matches the tenant you're scanning. The checklist below adapts based on this answer (e.g., GCC High and DoD show different identity / Defender steps).
Intelligence
Predict the Unknown
When enabled, Manual Review controls with a configured Default Compliance value are shown as Predicted Pass or Predicted Fail in dashboards, bars, and reports - reducing the unknown surface area while clearly distinguishing predictions from confirmed scan results. Set the Default Compliance value for each control on the Catalog page.
AI Compliance Analyst
Provide your own Anthropic API key to use your account for AI Analyst conversations. If left blank, the platform key is used (if configured by your administrator). Your key is encrypted at rest and never shared.
Feature Control
Beta Features
SuperAdmins can flag features as beta - they are hidden from all organizations until opted in. Organizations opt in on this page.
Organization Features
Enable or disable features for your entire organization. Disabled features are hidden from all users (except SuperAdmin). Core features cannot be disabled.
Access Control
Groups
Create groups, assign members, and control which features each group can access.
Feature Permissions
Control which features each group can access. Core features (Dashboard, Controls) cannot be disabled.
How to Run Scans
Prerequisites
After the Scan
Azure resource security posture from Defender for Cloud assessments
No Azure resource data
Run an Azure security scan or import Defender for Cloud assessment data to see resource posture.
Integration Marketplace
Connect TATER to your existing tools and automate notifications
Notification Rules
When events occur, automatically send notifications to connected integrations.
Client Dashboard
Monitor compliance posture, alerts, and health across all client organizations
Configuration Documentation
Versioned reference docs for configurations, architecture decisions, and operational procedures - linked to controls, frameworks, and change records.
Business Continuity and Disaster Recovery plan library. Track plans, tests, recovery objectives, and system criticality.
| Plan Name | Type | Owner | Status | Last Tested | Next Test Due | Systems | Actions |
|---|---|---|---|---|---|---|---|
Plan of Action & Milestones - track and remediate DoD/NIST findings to closure.
Details
Weakness Description
Remediation Plan
Milestones
| Description | Target Date | Status |
|---|---|---|
NIST Risk Management Framework - track each system through the 6-step ATO lifecycle (Categorize → Select → Implement → Assess → Authorize → Monitor).
New RMF System
System Security Plan documents - author per-control implementation statements, AI-assist drafts, export to OSCAL JSON or Word .docx for federal authorization packages.
New SSP Document
New POAM
Data inventory, processing activities (GDPR Article 30), and privacy impact assessments.
Track security awareness training campaigns, phishing simulations, and per-user completion.
| Campaign | Type | Status | Start Date | End Date | Completion | Participants | Actions |
|---|---|---|---|---|---|---|---|
Schedule and track periodic control testing. Record test execution results and evidence collection.
| Control | Title | Frequency | Last Tested | Next Due | Result | Tester | Actions |
|---|---|---|---|---|---|---|---|
Track tasks, incidents, findings, and action items arising from compliance work.
| ID | Title | Type | Priority | Status | Assignee | Due Date | Actions |
|---|---|---|---|---|---|---|---|
TATER Calendar
Unified timeline - GRC due dates, compliance roadmap phases, scan schedules, access reviews, control tests, and more.
Share ideas, vote on feature requests, and see what is planned.
Compliance Roadmaps
Phase-based MSP engagement plans. Auto-generate from scan data, set billing, and export branded proposals for clients.
No roadmaps yet. Create one to start planning a client compliance engagement.
No phases yet. Click Auto-Generate to build risk-ranked phases from your current scan findings.
Monitor identity-based threats: impossible travel, MFA bypass, token theft, brute force, and anomalous sign-in patterns.
No identity threat alerts
ITDR alerts will appear here when sign-in anomalies or identity-based threats are detected from M365 Entra ID data.
Unified security posture across AWS, GCP, and Azure cloud environments.
No cloud accounts connected
Add an AWS, GCP, or Azure account to begin cross-cloud security posture assessment against CIS Benchmarks.
AI-powered compliance assistant - ask questions, get remediation guidance, draft policies, and analyze scan results.
TATER AI Compliance Analyst
I can read your scan results, analyze compliance findings, create risk acceptances, add evidence, assign controls to team members, and trigger remediations.
Use the suggested prompts above or tell me what you need to work on.
Autonomous agent that navigates admin portals to collect evidence for Manual Review controls. Requires TATER Agent installed on a desktop machine.
Get Started - Implementation Progress
Tracks your TATER configuration end-to-end. Status is detected automatically from system data - finish each step to unlock the full feature set and earn organization achievements.
TATER Setup Wizard
A downloadable wizard that configures this organization end-to-end. Pick the features you want (M365 scanning, endpoint agent, email intake, SIEM, remediation, Power Automate monitoring, documentation import, user lookup) and it downloads the scripts, prompts for the variables, runs the device-code logins it needs, and writes the results back — all locally, so your credentials never leave your machine. Connect it with an organization API key.
Double-click on Windows, or run tater-setup-windows-amd64.exe. Already have the agent? Run tater-agent.exe -setup.
TATERpedia
A Wikipedia-style wiki shared across all TATER organizations. Pages cover controls, applications, frameworks, and free-form troubleshooting / diagnostic / remediation topics. Edited by any Auditor+ in any org. Content must be generic - for org-specific configuration use Configuration Documentation, for org-specific decisions use Comments threads.
Schedule manual configuration collection tasks for devices that cannot be automatically scanned - firewalls, switches, routers, and more.
| Source Name | Device Type | Vendor | Schedule | Assigned To | Next Due | Last Upload | Status | Actions |
|---|
Link this source to a compliance zone so uploaded configs contribute to zone compliance evaluation.
Step-by-step instructions for the technician collecting this configuration. Supports Markdown.
Clients
Licensing
Usage Analytics
Feature usage analytics for your organization. SuperAdmins also see cross-tenant traffic, referrers, and per-org breakdown.
Community
My Activity
Top People XP Leaderboard
Recent Achievements
Org Achievements
My Profile
My Achievements
Subscription Management
Manage all client and MSP subscriptions, billing contacts, seat limits, and renewal dates.
MCP Feedback
Every MCP feedback submission across all orgs. Negative entries auto-file ADO bugs and link to the work item. Use to spot pain points and validate fixes.
TATER Tips
A growing library of bite-sized tips covering every TATER capability - each one links you straight to the page it describes. Search, filter by category or difficulty, or just browse.
Achievements
Leaderboard
Implementation Guides
Curated step-by-step guides for common security initiatives - Conditional Access for compliant devices, MFA rollout, DMARC enforcement, BitLocker, PIM for admins, and more. Each guide includes prerequisites, ordered steps with verification criteria, rollback notes, and links to the controls and frameworks they advance. Track completion per organization.
Security Posture
Composite security score across compliance, vulnerabilities, identity threats, and risk acceptance.
Audit Snapshots
Point-in-time compliance freezes for audit periods - lock a snapshot to prevent changes during auditor review.
| Name | Framework | Period | Controls | Pass Rate | Status | Created | Actions |
|---|---|---|---|---|---|---|---|
Evidence Freshness
Continuous view of how current each control's evidence is. Surfaces controls whose scan evidence has gone stale and risk acceptances / manual verifications that are expiring — so you re-evidence before an auditor (or a lapse) catches it.
Auditor Access
Generate expiring read-only access tokens for external auditors - no account required.
https://app.tatersecurity.com/auditor/{token} - read-only view of controls, overrides, and evidence. The token in the link is the only credential, so send it over a channel you would trust with a password and keep the expiry as short as the engagement allows.
| Auditor | Framework | Expires | Accesses | Status | Created | Actions |
|---|---|---|---|---|---|---|
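The API Keys setting ("shown once at creation", "revoked keys stop working immediately") and the auditor tokens above (expiring, with an access count) are the same mechanism, so here is one added example covering both; it is this example's code, not TATER's implementation. It assumes a "tater_" prefix and the record layout shown; the security properties it demonstrates are that only a SHA-256 digest of the secret is stored (a database leak yields nothing usable), that the plaintext is returned exactly once, that revocation and expiry are enforced on every request, and that digest comparison is constant-time.

```python
"""One-time-display secrets with hashed storage, expiry, revocation and an access counter."""
import hashlib
import hmac
import secrets
from datetime import datetime, timedelta, timezone

PREFIX = "tater_"   # assumed prefix; a fixed prefix lets secret scanners recognise leaked keys
T0 = datetime(2026, 1, 1, tzinfo=timezone.utc)   # fixed clock for the walkthrough below


def days(n):
    """Clock helper for the example: T0 plus n days."""
    return T0 + timedelta(days=n)


class CredentialStore:
    def __init__(self):
        self._records = {}   # cred_id -> record; never holds the plaintext secret

    @staticmethod
    def _digest(secret):
        return hashlib.sha256(secret.encode("utf-8")).hexdigest()

    def issue(self, kind, org, ttl=None, now=None):
        """Create a credential and return (cred_id, secret); the secret cannot be retrieved again."""
        now = now or datetime.now(timezone.utc)
        secret = PREFIX + secrets.token_urlsafe(32)   # 256 bits of entropy from the OS CSPRNG
        cred_id = secrets.token_hex(8)               # public identifier for listing and revoking
        self._records[cred_id] = {
            "kind": kind, "org": org, "digest": self._digest(secret),
            "expires_at": now + ttl if ttl else None,
            "revoked": False, "accesses": 0, "last_used": None,
        }
        return cred_id, secret

    def revoke(self, cred_id):
        """Takes effect on the next authenticate() call; nothing else to invalidate."""
        self._records[cred_id]["revoked"] = True

    def authenticate(self, presented, kind, now=None):
        """Return {'org', 'accesses'} for a valid credential of the given kind, else None."""
        now = now or datetime.now(timezone.utc)
        digest = self._digest(presented)
        match = None
        for rec in self._records.values():
            # compare against every record so a miss costs the same time as a hit
            if hmac.compare_digest(rec["digest"], digest):
                match = rec
        if match is None or match["kind"] != kind or match["revoked"]:
            return None
        if match["expires_at"] is not None and now >= match["expires_at"]:
            return None
        match["accesses"] += 1           # feeds the Accesses column for auditor tokens
        match["last_used"] = now
        return {"org": match["org"], "accesses": match["accesses"]}


def walkthrough():
    """Issue an API key and a 14-day auditor token, exercise expiry and revocation, return outcomes."""
    store = CredentialStore()
    kid, key = store.issue("api_key", "org-a", now=T0)
    tid, tok = store.issue("auditor", "org-a", ttl=timedelta(days=14), now=T0)
    results = {
        "key_ok": store.authenticate(key, "api_key", now=T0),
        "key_wrong_kind": store.authenticate(key, "auditor", now=T0),
        "token_day13": store.authenticate(tok, "auditor", now=days(13)),
        "token_day14": store.authenticate(tok, "auditor", now=days(14)),
        "plaintext_stored": key in repr(store._records) or tok in repr(store._records),
    }
    store.revoke(kid)
    results["key_after_revoke"] = store.authenticate(key, "api_key", now=T0)
    return results
```

A salted slow hash (bcrypt, Argon2) is unnecessary here because the secret is 256 random bits, not a human-chosen password; plain SHA-256 is enough and keeps lookups cheap. The kind check matters in practice: an auditor token presented to the agent API must fail even though both are stored in the same table.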
Report Distribution
Schedule automated compliance report emails to stakeholders. Requires SMTP configured in Integrations. For the full report catalog with XLSX/PDF export, custom datasets, and recurring delivery, use TATER Insights › Scheduled Reports.