Azure Entra Security Scanner

The new feature for custom script

Not sure if this "PAT" part will be the final solution, or i can make i better But the goal is to have a community to share custom scripts

## The Problem Every CISO Knows Your Azure Entra ID tenant is the front door to your entire cloud estate. Behind that door: hundreds of app registrations with over-permissioned secrets, service principals with stale credentials, conditional access policies with gaps you don't know about, and attack paths that chain these misconfigurations into real breaches. Microsoft provides tools. They're scattered across Defender, Entra admin center, Azure Portal, and Graph API queries you run manually. None of them give you a unified, scored, actionable view of your Entra security posture — and none of them let your team extend the scanning with organization-specific checks.

I am working on a Azure security scanner tool, and it gets new feature on as we go. My last idea i that i would make it possible to upload/make phyton script inside the apps dashboard, and make it run the scan, its must be with some templates etc, what you see below is a part of the Roadmap that is sent to Copilot that uses my Agent flow to build apps