Vulnerabilities
Misconfiguration
Runtime Security
Compliance
Azure > Active Directory >

Ensure No Guest User

MEDIUM
Source
CloudSploit
ID
ensure-no-guest-user
management console

Ensure No Guest User

Ensures that there are no guest users in the subscription

Guest users are usually users that are invited from outside the company structure, these users are not part of the onboarding/offboarding process and could be overlooked, causing security vulnerabilities.

Follow the appropriate remediation steps below to resolve the issue.

  1. Log in to the Microsoft Azure Management Console.

  2. Find the search bar at the top and search for Azure Active Directory. Step

  3. Select the “Azure Active Directory” and on the left navigation panel, select the “Users” under “Manage”.Step

  4. In the users list, look for users with “User type” as “Guest”. If there are “Guest” type users then those users are not part of the onboarding/offboarding process and are considered a security vulnerability. Such accounts must be deleted.Step

  5. Select all Users with “User type” as “Guest” and click “Delete User” on the top right.Step

  6. Click OK in the confirmation popup.Step

  7. Repeat step number 3 to 6 for all other directories.

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use