CMMC Analyzer License
by Securitybricks, Inc.
Automated CMMC Readiness tool to validate your Azure implementation.
Description:
Built exclusively for Azure US Government, Microsoft 365 GCC High and AWS Government CUI environments, the CMMC Analyzer automatically collects, maps, and checks evidence for CMMC Level 2 technical controls. It deploys as an Azure Managed Application inside your own subscription. Your compliance data, including your compliance scan results, never leave your environment.
This is the companion license for the CMMC Analyzer Managed Application. After you deploy the analyzer into your Azure subscription from the Managed Application listing, purchase the license here that matches your CUI boundary. The license is signed, bound to your tenant, and unlocks the analyzer's features from the plan you choose.
How does the CMMC Analyzer work:
1. Deploy the CMMC Analyzer Application into your Azure subscription.
2. In the analyzer UI, copy the Deployment ID shown in the setup wizard (or under Settings > License).
3. Subscribe to the plan below that matches your scanning scope.
4. Paste your Deployment ID on the confirmation page after purchase.
5. Within ~60 seconds your analyzer picks up the signed license, your features unlock, and you can complete the setup wizard.
Licensing:
The analyzer runs entirely inside your tenant. Your scan data never leaves your CUI boundary. To support this airgap model, we ship licensing as a billable subscription that issues a cryptographically signed key bound to your specific Azure Container App managed identity.
Choose a Plan:
Basic
Scans 1 tenant (Azure Government, Microsoft 365 GCC High, or Azure + M365 hybrid)
Identity (Entra ID), Azure Resource Manager, Microsoft 365 services, Intune, and Defender planes
HTML, Excel, Word, and PDF compliance reports
Drift detection and point-in-time baseline snapshots
Asset inventory collection with Excel deliverable
Manual on-demand scans with dashboard view
Audit log viewer
OIDC single sign-on plus local admin bootstrap
CMMC Level 1 and Level 2 (Level 3 coming soon)
Professional
Everything in Basic
Scan up to 3 tenants in any mix of Azure, M365, or Azure + M365
Scheduled continuous monitoring (ConMon) to meet CMMC requirements
SIEM forwarder for Splunk, Microsoft Sentinel, syslog, or file destinations
Email and webhook notifications on scan results
Customer self-attestation workflow for MANUAL and NOT MET findings
Deterministic System Security Plan (SSP) generator with chunk-level citations
PowerShell sidecar for deep Exchange, SharePoint, and Teams evidence collection
Enterprise
Scan up to 25 tenants under one license
Multi-cloud: Azure + M365 + AWS GovCloud + AWS Commercial
Cross-tenant fusion rollups for MSPs and federal integrators
Cloud-scope picker in Add Tenant with per-cloud enable/disable
Evidence verification
Waiver and exception management with expiry dates and audit trail
Continuous monitoring per-(tenant, scan-type) schedules with master-tick queue
Visit www.securitybricks.io