Prerequisites

• This issue has an informative and human-readable title.

💡 Summary

In the Entra ID report, we include tables with information on risky app/service principal data. We want to create a severity score based on number of admin consented permissions, multi-tenant, number of risky permissions, existence of client secrets, and credentials that exceed our criteria for maximum duration.

Use this score to display risky apps/service principals in order of importance to assist with remediation.

Motivation and context

This will help users with remediation of risky apps/service principals.

Implementation notes

1. Create a function that assigns a severity score to each risky app/service principal.

Acceptance criteria

• Each risky app/service principal has a severity score assigned to it.