Speakers:
Olav Helland (Cloud Architect, Bsure)
Gunnar Weld (CTO, Bsure)

Download slides.

This webinar has an English and Norwegian version. Change language on the website to select the edition you want to view.

Many organizations use a wide range of connected applications in Microsoft Entra ID, often with broader permissions than they actually need. In this session, we explore how to review and clean up applications with excessive permissions, why this matters for both security and compliance.

We start with the benefits of using Enterprise Applications with Single Sign-On, before looking at how applications, service principals, and managed identities work in Entra ID. The session also explains permissions and admin consent, including the difference between delegated and application permissions, and why it’s recommended to disable user consent altogether.

Using insights from Microsoft’s Digital Defense Report 2025, we highlight how attackers are now targeting application identities and permissions rather than user accounts.

The webinar concludes with a demo in Bsure, showing how you can use the platform’s built-in reports to identify and reduce risk across your Entra environment:

• Applications – Usage
  See which apps are active and which are no longer in use

• Applications – Cost
  Link license and usage data for cost optimization

• Applications – Sign-in Locations
  Monitor where application sign-ins occur globally

• Applications – Overview
  Full overview of all apps, user and system sign-ins, and usage

• Security – Service Principals
  Detailed insight into app identities, permissions, and risk level