AzureRiskyUsers
Azure Risky Users provides access to all at-risk users and risk detections in the Azure AD environment.
Vulnerability Management · Azure Risky Users
Configuration parameters
client_id— Client IDauthentication_type— Authentication Type (required)tenant_id— Tenant ID (for Client Credentials mode)client_secret— Client Secret (for Client Credentials mode)managed_identities_client_id—proxy— Use system proxy settingsinsecure— Trust any certificate (not secure)
Commands (10)
-
azure-risky-user-getRetrieves properties and relationships of a Risky User.
-
azure-risky-users-auth-completeCompletes the authorization process. Run this command after executing the azure-risky-users-auth-start command.
-
azure-risky-users-auth-resetRun this command if for some reason you need to rerun the authentication process.
-
azure-risky-users-auth-startStarts the authorization process. Follow the instructions in the command results.
-
azure-risky-users-auth-testTests the connectivity to Azure.
-
azure-risky-users-confirm-compromiseConfirms user(s) as compromised.
-
azure-risky-users-confirm-safeConfirms user(s) as safe (post-investigation).
-
azure-risky-users-listReturns a list of all risky users and their properties.
-
azure-risky-users-risk-detection-getReads the properties and relationships of a riskDetection object.
-
azure-risky-users-risk-detections-listReturns a comma-separated list of the Risk Detection objects and their properties.