The remediation action for Application management policies is NOT available in the Essentials solution.
These policies are designed to enhance Entra ID app management and security.
The list below provides an overview of the Application management out-of-the-box policies, what type of remediation action they are set to execute, and which remediation settings you can configure.
App registrations with expiring certificates
Description
This policy is designed to monitor application registrations with certificates nearing expiration.
It lists the application's display name, the certificate thumbprint, a description of the app, the key ID, and the certificate's expiration date, focusing on those expiring in the next 30 days.
This tool helps IT administrators proactively renew certificates and maintain application security and functionality.
Remediation action
Schedule and send the report to a custom recipient
What you can configure
- Set the policy to target expiring certificates in the next 30, 60, or 90 days
- Type the recipient of the email (custom address)
- Schedule the recurrence of the remediation action
App registrations with expiring secrets
Description
This policy helps you keep track of app registrations with secrets that are about to expire.
It shows the app's name, the secret's name, when it was created, and when it's set to expire. You'll also see the unique application ID.
This tool is useful for staying on top of your app security, ensuring you renew or update secrets before they cause access issues. This way, you can keep your apps running smoothly and securely.
Remediation action
Schedule and send the report to a custom recipient
What you can configure
- Set the policy to target expiring secrets in the next 30, 60, or 90 days
- Type the recipient of the email (custom address)
- Schedule the recurrence of the remediation action
Enterprise apps with unverified publishers
Description
This policy identifies enterprise applications with unverified publishers in your environment. It provides key information including the application name, service principal display name, publisher, verification status, and whether the app is enabled.
Additionally, it indicates if the app is a custom registration or built-in.
This tool helps IT security teams assess and manage potential risks associated with unverified applications, ensuring compliance with organizational security policies and maintaining the integrity of your enterprise app ecosystem.
Remediation action
Schedule and send the report to a custom recipient
What you can configure
- Type the recipient of the email (custom address)
- Schedule the recurrence of the remediation action
Enterprise apps without owners
Description
This policy identifies enterprise applications that currently have no assigned owners.
It displays information such as the application name, service principal display name, publisher, and enabled status.
The policy confirms the lack of owners and indicates whether the app is a custom registration or built-in. By highlighting apps without owners, this policy enables prompt assignment of responsibility, ensuring better management and security oversight of enterprise applications.
Remediation action
Schedule and send the report to a custom recipient
What you can configure
- Type the recipient of the email (custom address)
- Schedule the recurrence of the remediation action
Unused enterprise apps
Description
This policy identifies enterprise applications that have not been used recently.
It displays the application name and the service principal display name, and tracks the last sign-in activity, focusing on apps with no sign-ins in the previous 90 days.
It also provides information about the publisher, confirms whether the app is enabled, and indicates whether it is a registered app or a built-in service.
Remediation action
Schedule and send the report to a custom recipient
What you can configure
- Set the policy to target apps without sign-ins in the previous 30, 60, 90, 180 days, or ever
- Type the recipient of the email (custom address)
- Schedule the recurrence of the remediation action
Long-term expiry app registration secrets
Description
This policy identifies app registrations with secrets that expire beyond a 180-day threshold.
It displays the application name, the secret display name, the creation date, and the expiration date, focusing on apps with secrets expiring in over 180 days.
Remediation action
Schedule and send the report to a custom recipient
What you can configure
- Type the recipient of the email (custom address)
- Schedule the recurrence of the remediation action
Long-term expiry app registration certificates
Description
This policy identifies app registrations with certificates that expire beyond a 180-day threshold.
It displays the application name, the thumbprint, the key ID, the creation date, and the expiration date, focusing on apps with certificates expiring in over 180 days.
Remediation action
Schedule and send the report to a custom recipient
What you can configure
- Type the recipient of the email (custom address)
- Schedule the recurrence of the remediation action
Expired app secrets
Description
This policy identifies app registration secrets that have expired but have not been removed yet.
It displays the application name and ID, the secret display name, the key ID, the creation date, and the expiration date.
Remediation action
Schedule and send the report to a custom recipient
What you can configure
- Type the recipient of the email (custom address)
- Schedule the recurrence of the remediation action
Expired app certificates
Description
This policy identifies app registration certificates that have expired but have not been removed yet.
It displays the application name and ID, the certificate display name, the key ID, the creation date, and the expiration date.
Remediation action
Schedule and send the report to a custom recipient
What you can configure
- Type the recipient of the email (custom address)
- Schedule the recurrence of the remediation action
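The expiring, long-term expiry, and expired credential policies above all reduce to comparing each credential's end date against a window. The following is an added example, not the product's own code, showing that classification over a constructed sample shaped like a Microsoft Graph `/applications` response; the function names and status labels are hypothetical, and the 30-day window and 180-day threshold are the values the policy descriptions state.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample data (not real tenant output), shaped like Graph /applications:
# passwordCredentials are client secrets, keyCredentials are certificates.
SAMPLE_APPS = [
    {"appId": "00000000-0000-0000-0000-000000000001", "displayName": "payroll-sync",
     "passwordCredentials": [
         {"displayName": "ci-secret", "keyId": "k1", "endDateTime": "2025-01-20T00:00:00Z"},
         {"displayName": "old-secret", "keyId": "k2", "endDateTime": "2024-11-01T08:15:00.1234567Z"}],
     "keyCredentials": [
         {"displayName": "CN=payroll", "keyId": "k3", "endDateTime": "2027-01-01T00:00:00Z"}]},
    {"appId": "00000000-0000-0000-0000-000000000002", "displayName": "hr-portal",
     "passwordCredentials": [
         {"displayName": "api", "keyId": "k4", "endDateTime": "2025-03-01T00:00:00Z"}],
     "keyCredentials": []},
]

def parse_ts(value):
    """Parse a Graph UTC timestamp; fractional seconds (up to 7 digits) are dropped."""
    base = value.rstrip("Z").split(".")[0]
    return datetime.strptime(base, "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)

def classify(end, now, window_days=30, long_term_days=180):
    """Map an end date to one of the policy buckets (labels are hypothetical)."""
    if end <= now:
        return "expired"        # expired but still present on the app registration
    if end <= now + timedelta(days=window_days):
        return "expiring"       # inside the configured 30/60/90-day window
    if end > now + timedelta(days=long_term_days):
        return "long_term"      # lifetime extends beyond the 180-day threshold
    return "ok"

def credential_report(apps, now, window_days=30, long_term_days=180):
    """Return one row per secret or certificate that falls into a policy bucket."""
    rows = []
    for app in apps:
        for kind, field in (("secret", "passwordCredentials"), ("certificate", "keyCredentials")):
            for cred in app.get(field) or []:
                status = classify(parse_ts(cred["endDateTime"]), now, window_days, long_term_days)
                if status != "ok":
                    rows.append({"app": app["displayName"], "appId": app["appId"], "type": kind,
                                 "name": cred.get("displayName"), "keyId": cred["keyId"],
                                 "expires": cred["endDateTime"], "status": status})
    return rows

if __name__ == "__main__":
    for row in credential_report(SAMPLE_APPS, datetime(2025, 1, 1, tzinfo=timezone.utc)):
        print(row)
```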