Eligible and Active highly privileged role assignments SHALL trigger an alert.

Why This Matters

Privileged role assignments in Microsoft Entra ID represent one of the highest security risks in any organization. If a bad actor compromises an eligible or active highly privileged role, they can gain full control over your tenant, modify security settings, or exfiltrate sensitive data. Without alerts for these role assignments, your security team may not detect unauthorized privilege escalations in time to prevent damage.

What Aether365 Checks

This check verifies that alerts are configured for all eligible and active highly privileged role assignments in Microsoft Entra ID. It appears in the Aether365 dashboard under the entra-id service checks.