A comprehensive script for analyzing risky sign-ins and managing conditional access policies in Microsoft Entra ID.
- Analyzes risky sign-ins and their sources
- Identifies high-risk users requiring MFA or remediation
- Provides insights into Conditional Access policies
- Automates response actions for compromised accounts
- Generates detailed HTML reports
- PowerShell 5.1 or higher
- Microsoft Graph PowerShell SDK
- Appropriate Microsoft Entra ID permissions:
- AuditLog.Read.All
- Directory.Read.All
- User.ReadWrite.All
The script will automatically install required modules if they're not present:
Install-Module Microsoft.Graph -Scope CurrentUser -Force- Run the script:
.\EntraID-Risk-Management-Tool.ps1- Authenticate when prompted with an account that has the required permissions
- Review the generated HTML report that opens automatically
- Console output showing progress and detected risks
- HTML report with detailed analysis of:
- Risky sign-ins
- Conditional Access policies
- High-risk users
- Remediation actions taken
- The script automatically disables accounts detected as high-risk
- Reports are generated in the same directory as the script
- Default analysis period is 7 days