Operational Diagnostic Tools
Free instrumentation for IT administrators and compliance teams. Surface configuration gaps, verify infrastructure baselines, and document operational posture — no account required.
Why We Built These
Operational Visibility Is Not Optional
Most organizations discover configuration gaps during audits, incidents, or migrations — not before. These tools exist to give IT teams proactive visibility into the areas that matter most.
Email Authentication
SPF, DKIM, and DMARC misconfigurations are among the most cited findings in compliance assessments — and one of the most straightforward to remediate.
DNS Governance
DNS errors are silent. Incorrect MX records drop inbound mail. Stale NS records cause intermittent failures. Neither surfaces obviously until customers complain.
Certificate Lifecycle
Expired certificates take HTTPS down immediately. Certificate monitoring is basic operational hygiene — yet a frequent source of preventable service disruptions.
Microsoft 365 Posture
M365 default configurations are not secure configurations. Identity, retention, backup, and external sharing all require intentional governance — not just activation.
Available Tools
Operational Diagnostic Suite
Each tool is independently optimized for its operational domain. No bundling, no registration, no paywalls.
SPF / DKIM / DMARC Checker
Verify email authentication records — SPF, DKIM, and DMARC — against any domain. Identify configuration gaps that expose your domain to spoofing.
DNS Health Checker
Full DNS diagnostic covering SPF, DKIM, DMARC, MX routing, and NS records. Identify operational misconfigurations before they cause incidents.
SSL Certificate Checker
Inspect SSL certificate validity, expiration, issuer, TLS version, and covered domains. Surface certificate issues before they disrupt services.
Microsoft 365 Governance Assessment
Guided assessment of your tenant's operational maturity across nine governance areas and 27 checkpoints — identity, email security, backup, retention, and incident readiness.
Backup & Operational Continuity Assessment
Guided assessment of backup coverage, recovery readiness, Microsoft 365 data protection, and disaster recovery governance across 27 operational checkpoints.
Server Hosting Cost Estimator
Estimate monthly virtual server hosting costs — configure CPU, memory, storage, bandwidth, and disaster recovery. Compare IT KORR pricing against AWS, Azure, and Google Cloud.
Colocation Cost Estimator
Estimate monthly colocation costs for rack space, bandwidth, power, and remote hands support in our Edison, New Jersey carrier-dense facility.
Managed IT Assessment
Guided assessment of whether IT operations are proactively managed or reactive — covering documentation, endpoint lifecycle, patch cadence, vendor coordination, and reporting.
Compliance Readiness Assessment
Guided assessment of SOC 2, HIPAA, and NIST CSF governance maturity — policy documentation, control mapping, audit evidence, and risk register readiness.
Business Continuity Planner
Guided assessment of business continuity plan maturity — plan currency, tabletop testing, recovery role assignment, vendor dependency mapping, and review cadence.
Cloud Infrastructure & Azure Assessment
Guided readiness assessment of Azure/cloud governance maturity — subscription governance, identity and RBAC hygiene, configuration baselines, and cost governance cadence.
Network Modernization Assessment
Guided assessment of legacy vs. modernized network infrastructure — hardware support status, segmentation, redundancy, wireless capacity, and documentation.
Infrastructure Monitoring Assessment
Guided assessment of monitoring and alerting maturity — coverage, alert tuning, escalation paths, capacity trending, and incident review discipline.
Operational Governance Assessment
Guided assessment of IT operational governance maturity — change management, configuration standards, asset governance, and accountability structure.
Enterprise Password Generator
Generate cryptographically secure passwords and passphrases aligned with modern security recommendations, entirely in your browser.
Password Strength Checker
Evaluate an existing password against entropy, pattern-resistance, and modern NIST-aligned strength criteria, entirely in your browser.
Password Policy Generator
Generate a complete, organization-ready password and credential policy document aligned with NIST, Microsoft, CIS Controls, PCI DSS, or HIPAA guidance.
Identity & MFA Readiness Assessment
Evaluate MFA coverage, Conditional Access policy, privileged access practices, passwordless readiness, SSO/federation, and identity lifecycle governance.
Passwordless Readiness Assessment
Evaluate your organization's readiness to adopt passkey and FIDO2/WebAuthn authentication — platform support, device compatibility, and rollout planning.
Authentication Policy Generator
Generate a complete authentication and access policy document covering MFA, Conditional Access, privileged access, SSO, and session management.
Conditional Access Planner
Generate a prioritized, ready-to-build Conditional Access policy plan — baseline, device-based, risk-based, and privileged-role policies.
Identity Governance Assessment
Evaluate access provisioning, review, and deprovisioning discipline across three areas.
Authentication Method Selector
Get an instant, tailored authentication method recommendation based on account type, device support, and risk tolerance.
Microsoft Secure Score Planner
Generate a prioritized Secure Score improvement plan across identity, email, and device/data actions.
Conditional Access Baseline Generator
Generate a Microsoft 365 workload-specific Conditional Access baseline — Exchange, SharePoint, Teams, and admin portals.
Entra ID Health Assessment
Evaluate Entra ID licensing alignment, hybrid identity sync health, and directory object hygiene.
Microsoft 365 Security Readiness Assessment
Evaluate identity, email, device, and data protection baseline across four areas.
Zero Trust Readiness Assessment
Evaluate Zero Trust maturity across verify explicitly, least-privilege access, and assume breach.
Secure Score Improvement Calculator
Project your Secure Score after implementing a set number of improvement actions.
Defender Feature Comparison
Compare Plan 1 vs. Plan 2 features for Defender for Office 365 and Defender for Endpoint.
Zero Trust Gap Assessment
Identify which phase of a Zero Trust implementation roadmap needs attention next.
Microsoft Security Stack Planner
Generate a prioritized build-out plan across all five layers of the Microsoft 365 security architecture.
Microsoft Licensing Advisor
Get a tailored Microsoft 365 and Entra ID licensing tier recommendation based on organization size, identity, Defender, and compliance needs.
Conditional Access Policy Analyzer
Review an existing Conditional Access policy set for emergency access, legacy authentication, exclusion, and conflict gaps.
Compliance Framework Selector
Identify which compliance frameworks actually apply to your organization based on industry, data types, and customer requirements.
NIST CSF Assessment
Evaluate maturity across all six NIST Cybersecurity Framework functions — Govern, Identify, Protect, Detect, Respond, Recover.
CIS Controls Assessment
Evaluate coverage of the CIS Controls Implementation Group 1 safeguards, the essential cyber hygiene baseline.
HIPAA Readiness Assessment
Evaluate Administrative, Physical, and Technical Safeguard coverage against the HIPAA Security Rule.
PCI DSS Readiness Assessment
Evaluate cardholder data environment scope, segmentation, and control coverage against PCI DSS 4.0.
CMMC Readiness Assessment
Evaluate readiness against CMMC 2.0 Level 1 and Level 2 practices.
NIST 800-171 Assessment
Evaluate coverage across the 14 NIST SP 800-171 control families protecting CUI.
ISO 27001 Readiness Assessment
Evaluate Information Security Management System maturity against ISO 27001 requirements.
Vendor Risk Assessment
Evaluate third-party vendor risk management discipline — inventory, due diligence, and ongoing monitoring.
Audit Evidence Checklist Generator
Generate a tailored audit evidence collection checklist based on your applicable frameworks.
Business Continuity Assessment
Evaluate business continuity planning maturity — scope, roles, communication plans, and recovery procedures.
Disaster Recovery Readiness Assessment
Evaluate disaster recovery capability — failover procedures, documented RPO/RTO, and DR plan currency.
Backup Strategy Planner
Generate a tailored backup strategy recommendation based on data criticality, recovery requirements, and current coverage.
RPO/RTO Calculator
Calculate realistic Recovery Point and Recovery Time Objectives based on business impact and technical constraints.
Backup Retention Planner
Generate a tailored backup retention schedule based on data type, compliance requirements, and storage cost tradeoffs.
Network Assessment
Evaluate network architecture, segmentation, core service resilience, and documentation maturity.
VLAN Planner
Generate a tailored VLAN segmentation plan based on organizational structure and traffic types.
IP Address Planning Calculator
Generate a tailored IP addressing and subnetting plan based on site count, device count, and growth headroom.
Storage Capacity Planner
Generate a tailored storage architecture and capacity recommendation based on workload type and growth projections.
AI Readiness Assessment
Evaluate organizational readiness for AI adoption — data governance, policy, and security foundations.
Copilot Readiness Assessment
Evaluate Microsoft 365 tenant readiness for Copilot — permissions hygiene, data labeling, and licensing.
AI Risk Assessment
Evaluate AI-specific risk exposure — data leakage, hallucination, bias, and over-reliance.
AI Governance Planner
Generate a staged AI governance program build-out plan tailored to your organization.
AI Policy Generator
Generate a complete AI acceptable use policy document tailored to your organization.
IT Operations Maturity Assessment
Evaluate IT operational maturity — from reactive firefighting to proactive, continuously improving service management.
Documentation Readiness Assessment
Evaluate IT documentation coverage, currency, and accessibility across the environment.
Change Management Planner
Generate a tailored change management process recommendation based on organization size and risk tolerance.
Monitoring Strategy Assessment
Evaluate monitoring coverage, alert quality, and escalation discipline across compute, network, and storage.
ITSM Readiness Assessment
Evaluate IT service management maturity — service catalog, incident/problem process, and continuous improvement discipline.
Operational Guidance
Infrastructure Fundamentals
The operational domains these tools cover — email authentication, DNS, TLS, and Microsoft 365 — are foundational to infrastructure reliability and compliance readiness.
Email Authentication
- SPF authorizes sending sources
- DKIM validates message integrity
- DMARC enforces authentication policy
- Required for HIPAA and SOC 2 alignment
DNS Governance
- MX routing redundancy prevents delivery failures
- NS redundancy ensures resolution availability
- TTL configuration affects propagation speed
- DNS baseline documents pre-migration state
SSL / TLS
- Certificates require renewal before expiry
- TLS 1.0 and 1.1 are deprecated
- Self-signed certs break client trust
- SAN coverage must match all service domains
Microsoft 365 Identity
- MFA is the highest-impact single control
- Conditional Access enables context-aware enforcement
- Legacy auth bypasses MFA entirely
- Admin accounts require dedicated privileged identities
M365 Data Governance
- Microsoft retention ≠ backup
- Third-party backup is a shared responsibility gap
- External sharing defaults are often permissive
- Audit logging must be verified as enabled
Continuity Readiness
- Recovery objectives must be defined, not assumed
- Backup coverage must be tested, not assumed
- Business continuity plans require annual review
- Vendor dependencies should be documented
FAQ
Questions About These Tools
Are these tools free to use?
Yes. All available tools are completely free to use with no account required. Some tools offer optional report delivery to your email after results are shown — this is never required to view results.
Do these tools access my systems or require credentials?
No. The DNS, email authentication, and SSL tools work entirely from publicly available DNS and certificate data — no system access, no credentials, no sign-in. The Microsoft 365 checklist is a local, interactive questionnaire that never connects to your tenant.
Who are these tools designed for?
IT administrators, operations managers, compliance officers, and governance teams at organizations that use Microsoft 365 or manage their own infrastructure. The tools are designed to be readable by non-technical stakeholders while providing actionable detail for technical teams.
How accurate are the DNS and SSL results?
DNS results are queried live via Cloudflare's DNS-over-HTTPS resolver and reflect current public DNS records. SSL results reflect the certificate presented on port 443 at the time of the check. Results are accurate for operational visibility purposes — they are not a substitute for a comprehensive security audit.
Will more tools be added?
Yes. The platform is actively expanding. Upcoming additions include Microsoft 365 external sharing analysis and additional infrastructure diagnostic utilities. Tools are built around the operational areas IT KORR supports.
Operational Assessment
Build Operational Stability Before Problems Become Business Risks
IT KORR helps organizations improve infrastructure visibility, governance alignment, Microsoft 365 operations, and continuity readiness through structured operational oversight.
No commitment required — we respond within one business day.