Coding Stephan

Maester at ExpertsLive NL 2025

What is Maester and why did I want to give a talk about it at Experts live Netherlands? Did I spark your interest? Read on and I’ll explain all about it.

June 3rd - Experts Live Netherlands 2025

What is Maester?

Maester is an open-source security scanner for your Microsoft 365 tenant, made by community members. Several people had this idea that it would be cool to be able to automatically scan your tenants configuration. And if you can do it automatically you can also schedule it.

So here you have it, hundreds of tests you can run daily.

Actionable reports

One of the best features is that you get these interactive reports, that support filtering and each test is clickable.

Maester report overview

When you click a test, you get this nice explanation about that specific test. And how you can make sure next time this test will pass. I must admit not all tests are perfectly documented, but it’s an open-source community effort. If you would not like remediation, you can just send a pull request for Test-MtCisaAppAdminConsent.md.

Having these remediation steps right in the report, makes this tool something I want to advise to everybody who regularly works with Microsoft 365 security.

CISA.MS.AAD.5.3: An admin consent workflow SHALL be configured for applications.

Experts Live The Netherlands

Do you get my excitement about this tool? I think everybody has to know about this tool. So I asked Fabian Bader (one of the founders of this project) if he would be up for doing a talk about this awesome project. Fabian had already submitted some talks for Experts live so there was room in his calendar, and was immediately on board for this talk. Few months later our talk was approved and we were given room 11 (capacity 150 people)

Maester in Experts Live session overview

In the app, people could make there own schedule, giving us an idea about the interest. Soon the amount of people showing interest exceeded the room capacity. And at the start of our session we even had people standing in the back.

Room 11 before session

Session feedback

Our session scored pretty good, at full room at 14:00 (when most of us started the day at 8:00 with the first sessions) was quite the accomplishment. We also got some points to improve for next time, like “wish you started with the beautiful report”. All-in-all, we had a great session, and it will even be better next time. And I hope we made a lot of people enthusiastic about Maester, or at least have them run the tests on their own tenant.

Want us giving this talk at your conference, shoot us a message on LinkedIn

Maester contributions

Did I tell you Maester is open-source? Well it is! And in the weeks before Experts Live at June 3rd 2025 I found out that some things were a bit to complicated to do. So I made several contributions making it easier to do things. Right in time for our talk.

  • new/separated Maester Github action with easy teams notifications and better documentation on just the action itself.
  • MT.1057 to test if you still have app secrets in your tenant

And my latest contribution is about test MT.1024 the output in the report needed some improvements.

Test missing?

A message on LinkedIn gave the idea that there should be a test to check if you’re no longer using app secrets. They should be avoided when possible, most cases can be solved with either managed identities or federated credentials. And if that is not an option, you should always try to use certificates.

Great, now I wanted to add a test to my new favorite testing framework. Where do I start? First announce the next test number, so you want have issues when you want your test merged in. Then you create the test and documentation and created a PR like this one. This pull request is by design kept small, just one test. You can see all the files needed to add test MT.1057.

Want to add your own test? Just check out this pr and copy what you need to create your own tests. And when your done adding the tests, be sure to share your excitement about Maester on social media.

Conclusion

Maester is a cool new project, have you tried is out already? I can recommend setting up the github action for your (test/demo) tenant. This takes less then 15 minutes. You can contribute to this project super easy, and are overloaded with credits afterwards.

Want a talk about Maester at your next meetup or conference? Contact us on LinkedIn or Fabian Bader and we are happy to arrange this.