Assess your Contentful organization's security posture with a CLI command

You can now use the sec-check CLI command to quickly assess your Contentful organization's security posture. It runs out of the box with the following checks:

  • Permissions
  • Audit logging enabled
  • Security contact configured
  • SSO enabled
  • SSO enforced
  • SSO exempt users identified
  • MFA status for exempt users
  • Long-expiry access tokens

Each check delivers clear PASS/FAIL results with actionable data.

Export and automation

  • Results can be exported to structured JSON with a single flag, -o, making it easy to archive them, track changes over time, or integrate with monitoring dashboards. Each failed check includes contextual details (counts, affected IDs) to speed remediation.

Extensible framework

  • The check system is designed for community contributions. Add custom checks by following the existing pattern (ID, description, dependsOn, run) and submit a PR. This establishes the foundation for a growing catalog of organization security insights.
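The sketch below is an added example, not code from the Contentful CLI: it shows how checks shaped as (id, description, dependsOn, run) can be evaluated so that a dependent check is skipped when its prerequisite did not pass. Only the four field names come from this page; the context object, result shape, runner, 90-day threshold and sample data are assumptions constructed for illustration.

```javascript
// Added illustration, not contentful-cli code. Only the four field names come
// from the page; context shape, result shape and runner are assumptions.
const MAX_TOKEN_DAYS = 90; // assumed threshold for "long-expiry"

const checks = [
  { id: 'sso_enabled', description: 'SSO enabled', dependsOn: [],
    run: async (ctx) => ({ pass: ctx.org.ssoEnabled === true }) },
  { id: 'sso_enforced', description: 'SSO enforced', dependsOn: ['sso_enabled'],
    run: async (ctx) => ({ pass: ctx.org.ssoEnforced === true }) },
  { id: 'long_expiry_tokens', description: 'Long-expiry access tokens', dependsOn: [],
    run: async (ctx) => {
      const limit = ctx.now + MAX_TOKEN_DAYS * 24 * 60 * 60 * 1000;
      // Fail closed: a missing or unparseable expiry counts as long-lived.
      const bad = ctx.tokens.filter((t) => !(Date.parse(t.expiresAt) <= limit));
      return { pass: bad.length === 0,
               details: { count: bad.length, ids: bad.map((t) => t.id) } };
    } },
];

// Runs checks in list order (dependencies must be listed first). A check whose
// dependency did not PASS is reported as SKIPPED rather than FAIL.
async function runChecks(list, ctx) {
  const results = {};
  for (const check of list) {
    const blockedBy = check.dependsOn.find((dep) => results[dep]?.status !== 'PASS');
    if (blockedBy) {
      results[check.id] = { status: 'SKIPPED', details: { blockedBy } };
      continue;
    }
    try {
      const { pass, details = {} } = await check.run(ctx);
      results[check.id] = { status: pass ? 'PASS' : 'FAIL', details };
    } catch (err) {
      // An API or parsing error must never be reported as PASS.
      results[check.id] = { status: 'ERROR', details: { message: err.message } };
    }
  }
  return results;
}

// Constructed sample organization data (not real IDs).
const sampleCtx = {
  now: Date.parse('2025-01-01T00:00:00Z'),
  org: { ssoEnabled: false, ssoEnforced: true },
  tokens: [
    { id: 'tok_a', expiresAt: '2025-02-01T00:00:00Z' },
    { id: 'tok_b', expiresAt: '2026-06-01T00:00:00Z' },
    { id: 'tok_c', expiresAt: null },
  ],
};
runChecks(checks, sampleCtx).then((r) => console.log(JSON.stringify(r, null, 2)));
```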

For more information about the CLI command, see the developer documentation.