Understand and monitor Microsoft Entra ID configuration drift

Driftmark captures configuration snapshots across identity controls and highlights changes that affect your tenant's security posture.

Snapshot Summary

Drift detected
  • Conditional Access: 3 changes detected
  • Privileged Roles: 2 assignments modified
  • Named Locations: 1 change detected

Continuous configuration visibility for Microsoft Entra ID

Driftmark captures configuration snapshots of your Entra ID tenant and compares them over time to detect configuration drift across identity controls. Configuration drift matters because small policy or role changes can accumulate into material security and compliance risk.

Coverage across Entra ID identity controls

Driftmark monitors identity control families as a system, not isolated features, so your team can see the broader impact of configuration change.

Identity & Access

Monitor core identity configuration such as user access model settings and directory role posture.

Security Policies

Track changes across security-relevant policy configuration including conditional access and policy controls.

Privileged Access (PIM)

Observe privileged role management settings, eligible/active role posture, and assignment changes over time.

Identity Governance

Capture governance-related configuration for lifecycle, access controls, and identity governance policy areas.

Applications & Service Principals

Review app and service principal configuration including permission posture and identity-related app settings.

External Collaboration

Track guest and external access configuration that affects cross-tenant collaboration and external exposure.

Configuration snapshots

Driftmark captures the state of identity configuration at a point in time using Microsoft Graph. Snapshots help security teams understand how configuration evolves, when changes occurred, and what controls were affected.

Snapshot Summary

Production Tenant Snapshot (Completed)

Captured May 15, 2026

  • Identity & Access: 12 items
  • Security Policies: 8 items
  • Privileged Access (PIM): 5 items
  • Identity Governance: 6 items
  • Applications: 14 items
  • External Collaboration: 4 items
  • Total controls captured: 49

Drift Detection

Conditional Access Policy Change

Before
  • Require MFA for admins: Disabled
  • Sign-in risk policy: Medium and above
  • Included locations: All trusted
After
  • Require MFA for admins: Enabled
  • Sign-in risk policy: Low and above
  • Included locations: All locations
3 changes detected

Detect configuration drift

Driftmark compares snapshots to identify configuration drift between states. Examples include Conditional Access policy changes, privileged role assignments, application permission changes, and external access configuration updates.
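
The snapshot comparison described above can be sketched as a recursive diff over two nested configuration exports. This is an added example, not Driftmark's code: the field names and named-location values are hypothetical, the Conditional Access values are the Before/After values shown on this page, and list order is assumed not to be significant.

```python
# Constructed snapshots using the Before/After values on this page; keys are hypothetical.
BEFORE = {
    "conditional_access": {
        "require_mfa_for_admins": "Disabled",
        "sign_in_risk_policy": "Medium and above",
        "included_locations": ["All trusted"],
    },
    "named_locations": {"trusted": ["HQ", "Branch"]},  # constructed values
}
AFTER = {
    "conditional_access": {
        "require_mfa_for_admins": "Enabled",
        "sign_in_risk_policy": "Low and above",
        "included_locations": ["All locations"],
    },
    "named_locations": {"trusted": ["Branch", "HQ"]},  # same set, reordered
}

def normalize(value):
    """Sort lists (assumed unordered) so reordering is not reported as drift."""
    if isinstance(value, dict):
        return {k: normalize(v) for k, v in sorted(value.items())}
    if isinstance(value, list):
        return sorted((normalize(v) for v in value), key=repr)
    return value

def diff(before, after, path=""):
    """Yield (path, kind, old, new) for each difference between two snapshots."""
    if isinstance(before, dict) and isinstance(after, dict):
        for key in sorted(before.keys() | after.keys()):
            child = f"{path}/{key}"
            if key not in after:
                yield (child, "removed", before[key], None)
            elif key not in before:
                yield (child, "added", None, after[key])
            else:
                yield from diff(before[key], after[key], child)
    elif before != after:
        yield (path, "changed", before, after)

def drift_by_family(before, after):
    """Group changes by top-level control family."""
    report = {}
    for change in diff(normalize(before), normalize(after)):
        report.setdefault(change[0].split("/")[1], []).append(change)
    return report

if __name__ == "__main__":
    for family, changes in drift_by_family(BEFORE, AFTER).items():
        print(family, len(changes), changes)
```

Run against the constructed data, this reports three changes under the Conditional Access family and none for the reordered named-location list, which a naive equality check would have flagged as drift.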

Audit-ready configuration reports

Driftmark generates reports summarizing current configuration state and detected drift between snapshots. These reports support security reviews, compliance assessments, and incident investigations.

Audit-Ready Report

Driftmark Configuration Report

Tenant posture summary and configuration drift

  • Executive Summary
  • Configuration Coverage
  • Detected Drift
  • Control Family Summary
  • Review Notes

  • Snapshots compared: 2
  • Drift items: 6
  • Control families: 6

Exportable report preview

Secure read-only access to Entra ID

Driftmark interacts with Microsoft Graph using read-only permissions aligned to least privilege principles. The platform provides configuration visibility without modifying tenant settings and accesses only the configuration metadata required for monitoring and reporting.

Built for identity and security teams

Security teams

Monitor configuration drift across critical identity controls.

IAM consultants

Track configuration state during assessments and remediation projects.

Managed service providers

Monitor tenant configuration across customer environments.

FAQ

What permissions does Driftmark require?

Driftmark uses the Microsoft Graph read-only permissions required to access identity configuration metadata.

Does Driftmark modify Entra ID configuration?

No. Driftmark is designed for visibility and drift detection and does not write or change tenant configuration.

How often are snapshots captured?

Snapshots are captured on your configured schedule, enabling recurring visibility into configuration changes.

What configuration areas are monitored?

Driftmark covers identity and access, security policies, privileged access, identity governance, applications, and external collaboration controls.

Start monitoring your Entra ID configuration today