FREE TOOL

Entra Security Scanner for App Registrations

Check your environment for the dangerous apps that cyberattacks target.
What's in it for me?

Identify elevated custom app permissions that lead to non-compliance and security gaps.

App registrations in Microsoft 365 can jeopardize your tenant

After the Midnight Blizzard cyberattack on Microsoft in January 2024, one thing became clear: integrated apps in Microsoft 365 pose a critical security risk. These third-party and custom apps often request broad privileges and undergo few controls.

Secure Microsoft 365—from the inside out

With the Entra Security Scanner for App Registrations, you can identify integrated apps with too many privileges. Created by 9-time Microsoft MVP Vasil Michev and CTO Ivan Fioravanti, this tool generates:

  • A Full List of Apps in Your Tenant: See all third-party and custom apps connected to your tenant.
  • An Analysis of All App Permissions: Understand the permissions each app has, identifying any that are unnecessarily broad or risky.
  • Security Best Practices for Integrated Apps: Learn how to mitigate these risky apps and ensure your internal apps adhere to security and compliance best practices.

How does the Entra Security Scanner for App Registrations work?

This tool uses a PowerShell script, AppRegistrationScanner.ps1, to scan all Entra Apps in your tenant. It can identify various apps, including those you've developed, PowerApps, and third-party applications.

How to use

You can customize the script with two options:

  • SkipExcelOutput: Outputs results as CSV and HTML
  • ExcessiveIntervalInDays: Set to 180 days by default, this filters for apps with long periods of inactivity or those with extended validities

Scoring system

Each app starts with a 10-point score. Points are deducted for issues detected:

  • Critical issues (Minus 2 points each):
      • Apps lacking an assigned owner
      • Apps granted risky permissions
      • Apps using insecure or development-stage URIs (e.g., localhost, http://)
  • Medium issues (Minus 1 point):

View the grading system table here.

This system helps you quickly identify and address potential security risks within your apps.
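
The critical deductions listed above, applied to constructed app records, as an added PowerShell example (not code from AppRegistrationScanner.ps1). The record fields, the list of risky permissions, and deducting 2 points once per issue category are assumptions; medium issues are left out because the page does not list them.

```powershell
# Added illustration only; this is not AppRegistrationScanner.ps1.
# Assumed sample of high-privilege Microsoft Graph permissions (not the tool's list).
$RiskyPermissions = @(
    'Directory.ReadWrite.All', 'RoleManagement.ReadWrite.Directory',
    'AppRoleAssignment.ReadWrite.All', 'Mail.ReadWrite'
)

function Test-InsecureUri {
    param([string]$Uri)
    $parsed = $null
    if (-not [System.Uri]::TryCreate($Uri, [System.UriKind]::Absolute, [ref]$parsed)) {
        return $false
    }
    # Plain http:// or a loopback host (localhost, 127.0.0.1) counts as insecure.
    return ($parsed.Scheme -eq 'http') -or $parsed.IsLoopback
}

function Get-AppScore {
    param([Parameter(Mandatory)] $App)
    $findings = @()
    if (-not $App.Owners) { $findings += 'No assigned owner' }
    $risky = @($App.Permissions | Where-Object { $_ -in $RiskyPermissions })
    if ($risky) { $findings += "Risky permissions: $($risky -join ', ')" }
    $badUris = @($App.RedirectUris | Where-Object { Test-InsecureUri $_ })
    if ($badUris) { $findings += "Insecure URIs: $($badUris -join ', ')" }
    # Every app starts at 10; each critical issue category found costs 2 points.
    [pscustomobject]@{
        App      = $App.Name
        Score    = 10 - 2 * $findings.Count
        Findings = $findings -join '; '
    }
}

# Constructed sample records (hypothetical apps and field names).
$apps = @(
    [pscustomobject]@{
        Name = 'HR Sync'; Owners = @()
        Permissions  = @('Directory.ReadWrite.All')
        RedirectUris = @('http://localhost:5000/signin')
    }
    [pscustomobject]@{
        Name = 'Timesheet Portal'; Owners = @('alice@contoso.example')
        Permissions  = @('User.Read')
        RedirectUris = @('https://timesheets.contoso.example/auth')
    }
)

# Lowest score first, so the apps needing attention lead the report.
$apps | ForEach-Object { Get-AppScore $_ } | Sort-Object Score | Format-Table -AutoSize
```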