Configuration that stays true
TrueConfig is a Desired State Configuration platform for Microsoft 365 identity and access. You define what "secure" looks like once. We continuously check your tenant against that baseline and help you fix deviations—automatically.
Our Mission
Every IT team should be able to maintain enterprise-grade security for their Microsoft 365 environment—without needing a dedicated security operations center.
We built TrueConfig because we saw too many organizations struggling to keep up with identity security. Configuration drift happens silently: someone adds a Global Admin "just for a quick fix," a Conditional Access policy gets disabled "temporarily," app secrets expire without anyone noticing.
TrueConfig brings the "infrastructure as code" mindset to identity security. You declare your desired state, we enforce it. Simple.
What We Believe
Security Should Be Accessible
You shouldn't need a CISSP to secure your Microsoft 365 tenant. TrueConfig translates complex security best practices into clear, actionable guidance.
Zero-Knowledge Architecture
We never store your Microsoft credentials. We use delegated OAuth with minimal permissions. Your trust is our most important asset.
Automation with Guardrails
Auto-remediation is powerful, but dangerous without safety gates. We build in safeguards so automation helps you, never harms you.
Built for IT Teams
We design for IT managers, not security researchers. Clear language, intuitive workflows, and no unnecessary complexity.
Security & Compliance
EU Data Residency
All data is stored and processed in EU data centers. GDPR compliant by design.
SOC 2 Type II
Annual third-party audits verify our security controls and operational processes.
Encryption at Rest
All sensitive data encrypted with AES-256. Per-tenant encryption keys.
Read-Only by Default
TrueConfig operates in monitoring mode. Write permissions are optional and explicit.