You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We would like to notify our users if they do an App Consent in Entra ID. That way, if a threat actor did consent on their behalf, they would be warned. If that's being done legitimately, we could also take the opportunity to give them a security awareness message (showing exactly to which permission they have consent to) as part of the notification. Believe it or not, even if the consent box in Entra ID shows the permission they consent to, most users just click yes without looking at it.
Maybe there is a way to do this with a Defender App Governance policy - Not sure which approach is the best but as not everyone has Defender, I could see this as a nice addition to SEEN.
The text was updated successfully, but these errors were encountered:
We would like to notify our users if they do an App Consent in Entra ID. That way, if a threat actor did consent on their behalf, they would be warned. If that's being done legitimately, we could also take the opportunity to give them a security awareness message (showing exactly to which permission they have consent to) as part of the notification. Believe it or not, even if the consent box in Entra ID shows the permission they consent to, most users just click yes without looking at it.
Maybe there is a way to do this with a Defender App Governance policy - Not sure which approach is the best but as not everyone has Defender, I could see this as a nice addition to SEEN.
The text was updated successfully, but these errors were encountered: