icon-itdr.svg
ITDR

Viewing the Entra ID Risk Reduction Roadmap

The Risk Reduction Roadmap provides a proactive security approach to improve the security posture of your Entra ID tenant. It enables you to view the current risk severity of your tenant and allows you to systematically lower the severity by providing an actionable remediation roadmap. You can leverage this roadmap to remediate issues and improve the security posture of your Entra ID tenant.

ITDR categorizes risk severity into 4 levels: Critical, High, Medium, or Low. Issues with critical severity need immediate attention.

The interactive slider in the Risk Reduction Roadmap on the Entra ID Dashboard allows you to view the current risk severity level and set a target severity level. For example, if the current risk is Critical, you can adjust the slider to set a goal to lower it to High. After the target is set, ITDR automatically analyzes security issues, prioritizes them based on severity, and provides an actionable remediation plan. Each identified risk shows the total number of affected objects (users, service principals, and configurations) and actionable remediation links. You can click the links to view remediation flowcharts or step-by-step instructions to remediate issues and achieve the targeted risk severity for the Entra ID tenant.

To view the risk remediation roadmap:

  1. Go to ITDR > Dashboard > Entra ID.
  2. On the Entra ID Dashboard:

    1. Select a tenant from the Result for drop-down menu.
    2. Select a timestamp from the scanned on drop-down menu.

    The scan result for the Entra ID tenant appears.

  3. In the Risk Reduction Roadmap section, adjust the slider to a lower severity level. For example, if your current tenant risk is Critical, adjust the slider to High.

    ITDR automatically analyzes issues, prioritizes them based on severity, and lists the total number of objects with actionable remediation links.

  4. Select an issue and click View Remediation.

    The Detailed Findings and Recommendations page opens with the remediation flowcharts or step-by-step remediation instructions.

  5. Remediate all the issues listed in the roadmap to achieve the target risk severity for your Entra ID tenant.
Related Articles
About the Entra ID DashboardViewing the Entra ID Vulnerability ReportDownloading the Entra ID Vulnerability ReportDownloading the Zscaler ITDR Microsoft Entra ID Executive Summary ReportDownloading the Entra ID Delta ReportViewing the Entra ID Detailed Findings and Recommendations DetailsViewing the Top Vulnerable Entra ID IdentitiesViewing Affected Entra ID Identity DetailsViewing the Entra ID Issue Details Grouped by SeverityViewing Entra ID Issue Details Grouped by Risk TypeViewing the Entra ID Risk Reduction RoadmapViewing the Entra ID Issue Details Grouped by MITRE ATT&CK TechniquesRunning Remediation Actions for Microsoft Entra ID IssuesViewing Entra ID Remediation HistoryDeleting an Entra ID Scan Report