← Back to all sparks
M

ManageEngine M365 Security Plus

ANALYTICS
Velocity2.5

Microsoft 365 security monitoring, auditing, and threat protection tool.

M365 security add-on in quiet maintenance — dependency upkeep and bug fixes.

m365-securitydependency-upkeepbug-fixescompliancemaintenance
Current state
M365 Security Plus is a Microsoft 365 security-monitoring and reporting product currently in a low-key maintenance phase. The recent builds are dominated by dependency updates (Tomcat, Zulu JRE, Duo SDK), bug fixes, and a couple of security patches, including one in the Export Graph feature. It tracks Microsoft's platform changes rather than pushing new capability.
Where it's heading
The direction is upkeep: patch security issues, keep the Java/Tomcat stack current, and fix performance and configuration bugs as they surface. There is little feature expansion visible — the product is holding steady for its installed base while staying compliant and stable.
Prediction
More of the same — periodic builds pairing dependency currency with security and stability fixes, and reactive patches when Microsoft changes tenant behavior. No new capability direction is evident here.

Recent moves

  1. 27d ago

    Fixes Microsoft tenant configuration failure

    Build 4817 fixes a tenant-configuration failure caused by a recent Microsoft-side change — a reactive bug fix keeping onboarding functional, not a feature change.

  2. 3mo ago

    Patches Export Graph data-access vulnerability

    Build 4816 closes a security issue in the dashboard's Export Graph feature that could allow unauthorized data access, plus related security improvements — a substantive fix within an otherwise quiet cycle.

  3. 5mo ago

    Updates Duo Universal Java SDK to 1.3.1

    Build 4814 updates the Duo Universal Java SDK and dependencies for Duo's certificate-authority change — routine dependency maintenance.

  4. 5mo ago

    Bumps Tomcat and Zulu JRE dependencies

    Build 4811 updates Apache Tomcat to 9.0.112 and the Zulu JRE — internal dependency currency with no user-facing change.

  5. 8mo ago

    Fixes audit-collection CPU spike and ES memory use

    Build 4805 fixes a database CPU spike during audit collection and excessive Elasticsearch memory use — performance bug fixes typical of the product's maintenance cadence.

  6. 8mo ago

    Minor bug fixes

    Build 4803 is a minor-fixes release with no described user-visible change — pure upkeep.