Try For Free

AppGov Score Blog

Check out our latest updates!

Role-based Access Control (RBAC) For Applications in Entra

How to Use Role-Based Access Control (RBAC) for Applications

March 19, 2026 Louis Mastelinck

In a previous blog post, 'How to Restrict Microsoft Graph API Access to Mailboxes,' we explained why scoping your app registration permissions in...

Read More
Entra ID Application Security Roadmap

Microsoft Entra ID Application Security Roadmap: How to Lock Down Modern Apps

March 12, 2026 Alistair Pugin

Your Microsoft Entra ID application estate is already part of your attack surface – whether you’ve mapped it or not. In Microsoft 365 environments,...

Read More
Strategic Identity Protocols Explained

SAML vs OIDC vs OAuth 2.0: Strategic Identity Protocols Explained

March 5, 2026 ENow Software

Modern identity security is not about managing credentials; it is about designing trust boundaries between identity providers and relying parties....

Read More

Identity Security Predictions for 2026: What Threat Actors are Targeting Next

February 19, 2026 Alistair Pugin

Identity security is going through a reckoning. Organizations spent the last decade hardening user logins with MFA, Conditional Access, and...

Read More
The Hidden Risks of Defining Ownership on your Entra ID Applications

The Hidden Risks of Entra ID Application Ownership (Part 1)

November 20, 2025 Glenn Van Rymenant

Assigning ownership to your application and service principal objects in Entra ID might seem like good governance, but it introduces significant...

Read More
Cartoon showing risks of using the scream test for Entra ID application cleanup

Microsoft Entra ID App Governance: How to Clean Up Apps Without the Chaos

August 22, 2025 Matthew Levy

Cleaning up applications in Microsoft Entra ID (formerly Azure AD) is a critical part of application governance. Without the right data and process,...

Read More
Commvault Metallic Vulnerability

Commvault Metallic Vulnerability (CVE-2025-3928) Exposed OAuth Credentials

August 8, 2025 Nicolas Blank

Backup applications are designed to protect your data, but when over-permissioned, they can become high-value targets for threat actors. I’ve been...

Read More
Ownerless Applications in Entra ID

How Ownerless Apps in Entra ID Increase Your Attack Surface

July 29, 2025 ENow Software

In Microsoft Entra ID, enterprise applications without assigned owners, often referred to as "ownerless apps" pose significant risks to...

Read More
ENow App Governance Accelerator 3.0

Reclaim Control: Automate Entra ID Governance with ENow App Governance Accelerator 3.0

July 15, 2025 ENow Software

In today’s enterprise environments, Microsoft Entra ID is at the heart of access, identity, and application connectivity. But with hundreds or...

Read More

Securing Workload Identities in Entra ID: A Practical Guide for IT and Security Teams

July 1, 2025 Alistair Pugin

In part 1 of this blog series, we discussed what workload identities are, their risks, and the consequences they cause if not monitored. In this blog...

Read More
1 2 3 4 5
... 6

Get Updates

Featured Articles

Categories

See all