AzureRiskyUsers

Azure Risky Users provides access to all at-risk users and risk detections in the Azure AD environment.

Vulnerability Management · Azure Risky Users

Configuration parameters

  • client_id — Client ID
  • authentication_type — Authentication Type (required)
  • tenant_id — Tenant ID (for Client Credentials mode)
  • client_secret — Client Secret (for Client Credentials mode)
  • managed_identities_client_id
  • proxy — Use system proxy settings
  • insecure — Trust any certificate (not secure)

Commands (10)

  • azure-risky-user-get

    Retrieves properties and relationships of a Risky User.

  • azure-risky-users-auth-complete

    Completes the authorization process. Run this command after executing the azure-risky-users-auth-start command.

  • azure-risky-users-auth-reset

    Run this command if for some reason you need to rerun the authentication process.

  • azure-risky-users-auth-start

    Starts the authorization process. Follow the instructions in the command results.

  • azure-risky-users-auth-test

    Tests the connectivity to Azure.

  • azure-risky-users-confirm-compromise

    Confirms user(s) as compromised.

  • azure-risky-users-confirm-safe

    Confirms user(s) as safe (post-investigation).

  • azure-risky-users-list

    Returns a list of all risky users and their properties.

  • azure-risky-users-risk-detection-get

    Reads the properties and relationships of a riskDetection object.

  • azure-risky-users-risk-detections-list

    Returns a comma-separated list of the Risk Detection objects and their properties.