syne0/osprey

Improvements to Get-OspreyTenantAppsAndConsents

Closed this issue · 2 comments

Specifically the bits that work on suspicious applications by pulling in the list of known suspicious applications. (line 44)

https://raw.githubusercontent.com/syne0/detections/main/M365_Oauth_Apps/MaliciousOauthAppDetections.json

Currently it pulls in all tenant apps, then the list, then compares them, and outputs any that match. Due to how the matching works, it can only pull data from either the tenant app list or the sus app list. I'd like to make the output into a PS custom object that can pull the following information:

From tenant app list:

  • app name and ID
  • app permissions
  • consent date
  • users assigned

From sus apps list:

  • Description
  • Categories
  • References

And output to csv.

There's an additional todo, which is to grab a list of Microsoft apps I grabbed from my tenant and not include those applications in the comparison or any data. This would be helpful when grabbing the list of all apps and their permissions re line 63, as it grabs mostly Microsoft apps, wasting time and giving too much data.

Other things to be done: there are some todo notes in the file.
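One way to build the combined output this issue asks for, added here as an illustration and not Osprey's own code: index the suspicious list by app ID so every match carries fields from both lists. The sample data, property names, the `Join-SuspiciousApps` function name and the CSV path are assumptions, since neither the tenant export nor the JSON schema appears on this page.

```powershell
# Constructed sample data. Property names are assumptions, not the real schema
# of the tenant app list or of MaliciousOauthAppDetections.json.
$tenantApps = @(
    [pscustomobject]@{ DisplayName = 'Mail Sync Helper'; AppId = '11111111-1111-1111-1111-111111111111'
        Permissions = @('Mail.Read', 'offline_access'); ConsentDate = '2024-03-02'
        AssignedUsers = @('alice@contoso.example') }
    [pscustomobject]@{ DisplayName = 'Expense Tool'; AppId = '22222222-2222-2222-2222-222222222222'
        Permissions = @('User.Read'); ConsentDate = '2023-11-15'
        AssignedUsers = @('bob@contoso.example', 'carol@contoso.example') }
)
$susAppsJson = @'
[ { "AppId": "11111111-1111-1111-1111-111111111111",
    "Description": "Constructed entry for illustration",
    "Categories": ["Mail access"],
    "References": ["https://example.com/report-1", "https://example.com/report-2"] } ]
'@

function Join-SuspiciousApps {
    param([object[]]$TenantApps, [object[]]$SuspiciousApps)

    # Index the suspicious list by app ID. A @{} hashtable compares string keys
    # case-insensitively, so GUID casing differences do not cause missed matches.
    $index = @{}
    foreach ($s in $SuspiciousApps) { $index[[string]$s.AppId] = $s }

    foreach ($app in $TenantApps) {
        $hit = $index[[string]$app.AppId]
        if (-not $hit) { continue }   # not on the suspicious list

        # Flatten array fields; Export-Csv writes "System.Object[]" for raw arrays.
        [pscustomobject]@{
            AppName       = $app.DisplayName
            AppId         = $app.AppId
            Permissions   = $app.Permissions -join '; '
            ConsentDate   = $app.ConsentDate
            AssignedUsers = $app.AssignedUsers -join '; '
            Description   = $hit.Description
            Categories    = $hit.Categories -join '; '
            References    = $hit.References -join '; '
        }
    }
}

$susApps  = @($susAppsJson | ConvertFrom-Json)
$findings = @(Join-SuspiciousApps -TenantApps $tenantApps -SuspiciousApps $susApps)
$findings | Export-Csv -Path '.\SuspiciousApps.csv' -NoTypeInformation   # hypothetical path
$findings | Format-List
```

With the constructed data only "Mail Sync Helper" is emitted, and its row holds the tenant-side and list-side columns together.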

Decided I'm just leaving the list as is and not trying to pull in an additional list of MS apps at this time.

Anyway, making the custom app looks as good as it can for now. A little clunky but it gets the job done.