Read-only audit of your Power Platform footprint. v1 detects what Microsoft Graph exposes (license inventory, service principal audit, OAuth grants, Conditional Access targeting) and emits manual verification deep-links into the Power Platform Admin Center for the things that need the BAP API (environment inventory, DLP policies on connectors, premium connector usage, on-prem data gateway audit). v2 will replace the manual checks with full BAP API automation.
One-time payment · 90-day access · locked to one Microsoft 365 tenant
What it will scan
All Power Platform environments in the tenant — default + production + sandboxes + trial — with creation dates, owner counts, and Dataverse capacity usage. Catches the "we have 47 trial environments nobody owns" problem before it eats your storage.
Power App + Power Automate flow inventory grouped by maker, surfacing the "5% of makers built 80% of the apps" problem. Identifies who's building shadow IT, what they're connecting to, and which apps go untouched after the original builder leaves.
Per-environment DLP policy review, catching connectors that should be in the Blocked group but ended up in Business Data or No Business Data. The single most common Power Platform data exfiltration vector.
Audit of which premium connectors are actually in use, by which apps, and whether the makers using them have the per-user licenses required. Catches the licensing compliance gap before Microsoft does.
Inventory of on-premises data gateway installations, who owns them, which connections they handle, and whether they're cluster-redundant. The hidden single-point-of-failure surface in most enterprise tenants.
Inventory of Copilot Studio bots in the tenant — who built them, what data sources they connect to, whether they have content moderation enabled. The new attack surface for generative AI inside Power Platform.
Why it's not shipped yet
The other five Microsoft 365 Assessment Suite products use endpoints we already wired up — SubscribedSkus, Conditional Access policies, sensitivity labels, M365 Apps usage reports, SharePoint sites, Teams groups. Power Platform lives in a different API surface entirely (the Power Platform admin API + the Dataverse permissions model + per-environment DLP endpoints) that none of the existing assessments touch. Building it correctly is a focused work session that deserves its own attention rather than being rushed alongside the other five.
The Power Platform Assessment will ship in the next release at the same CA$399 price point as the other singles, with the same one-time payment, 90-day access, per-tenant lock, and MigrationFox-branded PDF deliverable. If you buy the Microsoft 365 Complete Bundle at CA$1,599 now, you'll automatically get access to the Power Platform Assessment when it ships — your bundle's 90-day window covers any additional assessments added during that window at no extra cost.
Copilot Readiness, SharePoint & OneDrive, Teams, and M365 Security are all live today. Free snapshot for any of them, no credit card.