Feature Requests

Hi Team, we require a new column under the system details of Microsoft 365 inspector where it displays the name of the device that end user is registered or using. Instead we have two different columns, one for users and other for devices. It is difficult to find which device is registered to which user

Directsend feature is used to send internally bulk email without authentication from a trusted domain. This domain can have SPF enabled so that the spoofing can be prevented. I would like to have Liongard monitor if Directsend feature is enabled on environment or not from Cyber risk dashboard. Microsoft has this feature enabled under "Reject Direct Send"

Sophos Central Endpoint licensing only applies to devices seen in the last 30 days, with any devices older than 30 days no longer consuming any seats. Additionally, Sophos recommend not removing old devices from Central incase they come back online in the future and require the Tamper Protection code which cannot be recovered once a device is deleted after 90 days. Liongard does not surface the lastSeenAt object from Sophos Central, and thus we cannot filter out devices that are older than 30 days and no longer consuming a license. Reference: https://developer.sophos.com/docs/endpoint-v1/1/routes/endpoints/%7BendpointId%7D/get lastSeenAt string Date and time (UTC) when the endpoint last communicated with Sophos Central.

I would like Liongard to have the capability to test password complexity on network devices to ensure that passwords are not in plain text and meet complexity requirements.

I want to track connected devices like monitors and USB devices, which is not possible with the existing inspectors.

When parent inspector runs, it is discovering deleted groups in S1. Can it be set to exclude deleted groups/sites so these are no longer discovered?

Request to be able to stop a scheduled inspection from running, or pause during the middle of one.

Quickly recover from cyber events or disasters with network configuration backup and export and comply with CIS CSC 11.

Category: Inspector Enhancement – Microsoft 365 User Story: As a Managed Service Provider (MSP), I want Liongard to ingest and surface detailed Microsoft 365 usage reports via the Microsoft Graph API so that I can better understand which users are actively using features like Teams, SharePoint, OneDrive, Power BI, and OneNote. This will allow me to: Improve billing alignment by identifying underutilized M365 services. Make informed recommendations to provision or deprovision licenses or features. Drive cost savings and efficiency for my clients by highlighting adoption gaps. Surface insights that directly impact QBRs and strategic planning. Problem Statement: Today, Liongard provides some insight into Microsoft 365 activity, but it lacks the per-user and per-feature detail needed to assess true usage. Partners need this granularity to have meaningful conversations about license optimization and user engagement. Proposed Solution: Ingest the following Microsoft Graph API usage reports and expose them in the M365 Inspector: Report Name Graph API Endpoint Email Activity User Detail /reports/getEmailActivityUserDetail(period='D7') Office 365 Active User Detail /reports/getOffice365ActiveUserDetail(period='D7') OneDrive Usage Account Detail /reports/getOneDriveUsageAccountDetail(period='D7') SharePoint Site Usage Detail /reports/getSharePointSiteUsageDetail(period='D7') SharePoint Activity User Detail /reports/getSharePointActivityUserDetail(period='D7') Teams User Activity Detail /reports/getTeamsUserActivityUserDetail(period='D7') Teams Team Activity Detail /reports/getTeamsTeamActivityDetail(period='D7') OneDrive Active User Detail /reports/getOneDriveActivityUserDetail(period='D7') 📚 Reference: Microsoft Graph Reporting API Docs: Working with Microsoft 365 usage reports in Microsoft Graph - Microsoft Graph v1.0 Example Use Cases: “User has an E5 license but hasn’t used Teams or OneDrive in 60+ days.” → Suggest license downgrade. “All users use Exchange and SharePoint, but no one accesses Power BI.” → Recommend removing or reallocating Power BI licenses. “OneNote activity spikes for a specific department.” → Recommend training/resources or feature expansion. Impact & Value: This enhancement would unlock a new layer of attack surface visibility, financial insights, and customer value coaching directly within Liongard. It would also support partners in delivering more strategic QBRs and in demonstrating ROI to their clients.