New App-Consent by Admin Check [CHK-1138]

This check verifies if an administrator has approved new applications with extensive privileges for the entire organization.

Rationale

Entra ID applications can be exploited by attackers for malicious purposes. Therefore, it's important to ensure only administrators have the right to grant new apps access to the tenant. This check identifies whether any new risky apps have been granted access.

Fix

Manual steps:

  1. Review the permissions granted to the new apps.
  2. If the permissions are not as expected or are risky, revoke them.
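
One way to carry out the review in step 1 on exported data, as an added example that is not the check's own logic: it filters Microsoft Graph `oauth2PermissionGrant` objects (delegated permissions only) for new organization-wide grants (`consentType` of `AllPrincipals`) that hold high-privilege scopes. The scope list, the baseline of already-reviewed grant IDs and all sample records are assumptions constructed for illustration.

```python
# Added example: triage delegated permission grants for new tenant-wide admin consent.
# Record shape follows Microsoft Graph oauth2PermissionGrant objects
# (id, clientId, consentType, resourceId, scope). All sample values are constructed.

# Assumption: which delegated scopes count as "extensive" is a local policy decision.
HIGH_PRIVILEGE_SCOPES = {
    "Directory.ReadWrite.All",
    "RoleManagement.ReadWrite.Directory",
    "Mail.ReadWrite",
    "Mail.Send",
    "Files.ReadWrite.All",
    "Sites.ReadWrite.All",
}


def find_risky_new_grants(grants, baseline_ids, risky_scopes=HIGH_PRIVILEGE_SCOPES):
    """Return one finding per new, organization-wide grant that holds risky scopes."""
    risky_lower = {s.lower() for s in risky_scopes}
    findings = []
    for grant in grants:
        if grant["id"] in baseline_ids:
            continue  # already reviewed in an earlier run
        if grant.get("consentType") != "AllPrincipals":
            continue  # per-user consent, not consent for the entire organization
        # "scope" is a space-separated string and may carry leading whitespace
        granted = (grant.get("scope") or "").split()
        risky = sorted(s for s in granted if s.lower() in risky_lower)
        if risky:
            findings.append({"grant_id": grant["id"],
                             "client_id": grant["clientId"],
                             "risky_scopes": risky})
    return findings


# Constructed sample export (IDs are placeholders, not real object IDs)
SAMPLE_GRANTS = [
    {"id": "grant-001", "clientId": "sp-aaa", "consentType": "AllPrincipals",
     "resourceId": "sp-graph", "scope": "User.Read openid profile"},
    {"id": "grant-002", "clientId": "sp-bbb", "consentType": "AllPrincipals",
     "resourceId": "sp-graph", "scope": " Mail.ReadWrite Files.ReadWrite.All offline_access"},
    {"id": "grant-003", "clientId": "sp-ccc", "consentType": "Principal",
     "principalId": "user-1", "resourceId": "sp-graph", "scope": "Mail.Send"},
    {"id": "grant-004", "clientId": "sp-ddd", "consentType": "AllPrincipals",
     "resourceId": "sp-graph", "scope": "Directory.ReadWrite.All"},
]
BASELINE_IDS = {"grant-004"}  # constructed: grants reviewed before this run

if __name__ == "__main__":
    for finding in find_risky_new_grants(SAMPLE_GRANTS, BASELINE_IDS):
        print(finding["client_id"], finding["grant_id"], ", ".join(finding["risky_scopes"]))
```

Each finding names the grant ID to revoke in step 2 if the scopes are not expected; application permissions (app role assignments) are not covered by this example.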

Impact

The check ensures that only authorized and safe apps have access to your organization's data, reducing the risk of data breaches.