FREE TOOL

Entra Security Scanner for App Registrations

Check your environment for dangerous apps cyberattacks target.
Entra ID graphic
What’s in it for me?

Identify elevated custom app permissions that lead to non-compliance and security gaps.

Cybercriminals have a new attack vector: Entra app registrations

Attackers use these apps to access critical files and emails. Then, they rapidly elevate their privileges (as seen in the Midnight Blizzard attack).​

Entra Security Scanner for App Registrations

Take control of Entra Apps to secure Microsoft 365

Find and fix overprivileged apps with the Entra Security Scanner.​​

This free tool generates a report of all custom and third-party app registrations connected to Entra, so you can fix apps with elevated permissions.

Key Report Insights:

Checkmark
All Entra apps connected to your tenant
Checkmark
Apps with expired certificates and secrets
Checkmark
Unused apps and apps without owner
Checkmark
Dangerous apps with unverified publishers

Secure your Entra app registrations (and your tenant) today.

Get started with our free scanner.​

How does the Entra Security Scanner for App Registrations work?

This tool uses a PowerShell script, AppRegistrationScanner.ps1, to scan all Entra Apps in your tenant. It can identify various apps, including those you've developed, PowerApps, and third-party applications.

How to use

You can customize the script with two options:

  • SkipExcelOutput: Outputs results as CSV and HTML
  • ExcessiveIntervalInDays: Set to 180 days by default, this filters for apps with long periods of inactivity or those with extended validities

Scoring system

Each app starts with a 10-point score. Points are deducted for issues detected:

  • Critical issues (Minus 2 points each):
  • Apps lacking an assigned owner
  • Apps granted risky permissions
  • Apps using insecure or development stage URIs (e.g., local host, http://)
  • Medium issues (Minus 1 point):

View the grading system table here.

This system helps you quickly identify and address potential security risks within your apps.

Need more resources?

Eye scanner icon

Microsoft 365 App Permission Scanner

Find excessive app privileges and tenant misconfigurations that dangerous cyber criminals exploit.
Download now
Key icon

Microsoft 365 Governance Best Practices Guide

Don't let establishing a robust governance framework bottleneck your initiative.
Download now
Report icon

See End-to-End M365 Security, Governance, and Automation Made Easy

Take a 3-minute interactive tour of the CoreView platform.
Take a tour