The Azure Identity Layer

Using the tests mapped to this layer, you can:

  • Identify applications secured by certificates or secrets that have either expired or are nearing expiry;

  • Spot unauthorized or unexpected configuration changes made using Azure AD, and identify who made them;

  • Capture and troubleshoot activity failures;

  • Isolate stale devices registered with Azure AD;

  • Identify empty, inactive, and orphaned groups;

  • Pick the unlicensed / disabled / inactive users registered with Azure AD;

  • Pinpoint users configured with a password that never expires or a weak password

Figure 1 : The tests mapped to the Azure Identity layer