# Azure / Entra ID Dashboard

Dashboard provides a general and holistic view of security posture about scanned Azure environments based on different perspectives.

### **Risk Pane (Azure Dashboard)**

This Risk Pane summarizes key risk metrics from the scan, including the overall Risk and Exposure Scores, Dangerous Paths, Shadow Admins, and severity levels (Critical to Info). It breaks down risks by MITRE ATT\&CK Tactics (e.g., Persistence, Privilege Escalation), Tags (e.g., Identity Governance, Account Security), Impacts (e.g., Privileged Role Assignment, Service Principal Ownership Abuse), and Azure Entity Types (e.g., AZUser, AZGroup, AZRole, AZApplication, AZServicePrincipal, AZTenant). This layout helps quickly identify high-risk areas and prioritize remediation actions within Azure environments.

<figure><img src="/files/Pu850jiKolnSQzgtWQWA" alt=""><figcaption><p>Risk Pane</p></figcaption></figure>

### Risk Breakdown by Tags, Impacts and Entity Types

<figure><img src="/files/PavLomwR19HS7o3UdJvH" alt=""><figcaption><p>Risk Breakdown by Tags, Impacts and Entity Types</p></figcaption></figure>

**Risk Breakdown by Tags:** Risk scores based on Tags.

**Risk Breakdown by Impacts:** Risk scores based on Impacts.

**Risk Breakdown by Entity Types:** Risk scores based on Entity Types.

<figure><img src="/files/2ncEkffKAde5CZg0rYWc" alt=""><figcaption><p>Azure Entity Pane</p></figcaption></figure>

### **Users Table**

| Statistic            | Description                                                         |
| -------------------- | ------------------------------------------------------------------- |
| **Inactive Users**   | The number of inactive user accounts.                               |
| **Privileged Users** | The number of privileged user accounts.                             |
| **Risky Users**      | The number of user accounts that have a risk score greater than 50. |

### **Groups Table**

| Statistic             | Description                                                  |
| --------------------- | ------------------------------------------------------------ |
| **Inactive Groups**   | The number of inactive groups.                               |
| **Privileged Groups** | The number of privileged groups.                             |
| **Risky Groups**      | The number of groups that have a risk score greater than 50. |

### **Devices Table**

| Statistic             | Description                                                                   |
| --------------------- | ----------------------------------------------------------------------------- |
| **Inactive Devices**  | The number of device accounts that have not been active for a defined period. |
| **Unmanaged Devices** | The number of devices that not managed.                                       |
| **Risky Devices**     | The number of devices that have a risk score greater than 50.                 |

### **Applications Table**

| Statistic                                   | Description                                                                                           |
| ------------------------------------------- | ----------------------------------------------------------------------------------------------------- |
| **Applications without Certificate/Secret** | The number of applications missing authentication credentials such as certificates or client secrets. |
| **Privileged Applications**                 | The number of privileged applications.                                                                |
| **Risky Applications**                      | The number of applications that have a risk score greater than 50.                                    |

### **Service Principals Table**

| Statistic                         | Description                                                                             |
| --------------------------------- | --------------------------------------------------------------------------------------- |
| **Inactive Service Principals**   | The number of service principals that have not been used or active in a defined period. |
| **Privileged Service Principals** | The number of privileged service principals.                                            |
| **Risky Service Principals**      | The number of service principals that have a risk score greater than 50.                |

### **Roles Table**

| Statistic                 | Description                                                            |
| ------------------------- | ---------------------------------------------------------------------- |
| **Custom Roles**          | The number of non-default roles created manually in the environment.   |
| **Privileged Roles**      | The number of privileged roles.                                        |
| **Risky Roles**           | The number of roles that have a risk score greater than 50.            |
| **Inactive Custom Roles** | The number of custom roles not assigned or used over a defined period. |


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.forestall.io/fsprotect/dashboard/azure-entra-id-dashboard.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.