Ensure that guest user access is restricted
Why This Matters
Restricting guest user access in Microsoft Entra ID is a fundamental security control that prevents external users from enumerating directory objects and discovering sensitive information about your organization. Attackers often begin their campaigns with reconnaissance, and lax guest permissions can allow malicious actors to map users, groups, and relationships inside your tenant without triggering alarms.
What Aether365 Checks
This check verifies that guest user access restrictions are set to at least "Guest users have limited access to properties and memberships of directory objects" in your external collaboration settings. You will see this check listed in the Aether365 dashboard under the entra-id security category.
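The comparison behind this check, as an added example that is not Aether365's own code. It assumes the setting is read from Microsoft Graph's authorization policy (GET /policies/authorizationPolicy), whose guestUserRoleId property holds one of three documented role template IDs; the function name, the sample responses, and the fail-closed handling are illustrative.

```python
import json

# Role template IDs Microsoft Graph documents for authorizationPolicy.guestUserRoleId,
# ranked from least restrictive (0) to most restrictive (2).
GUEST_ROLE_LEVELS = {
    "a0b1b346-4d3e-4e8b-98f8-753987be4970": (0, "same access as members"),
    "10dae51f-b6af-4016-8d66-8c2a99b929b3": (1, "limited access"),
    "2af84b1e-32c8-42b7-82bc-daa82404023b": (2, "restricted to own directory objects"),
}
REQUIRED_LEVEL = 1  # "limited access" or stricter passes the check


def evaluate_guest_access(policy_json):
    """Return (passed, detail) for an authorizationPolicy response body (hypothetical helper)."""
    doc = json.loads(policy_json)
    # Accept a "value" collection wrapper as well as a bare policy object.
    if isinstance(doc, dict) and isinstance(doc.get("value"), list):
        if not doc["value"]:
            return False, "no authorization policy returned"
        doc = doc["value"][0]
    if not isinstance(doc, dict):
        return False, "unexpected response shape"
    role_id = doc.get("guestUserRoleId")
    if not role_id:
        return False, "guestUserRoleId missing from response"
    level = GUEST_ROLE_LEVELS.get(str(role_id).strip().lower())
    if level is None:
        # Fail closed: an unrecognised role ID cannot be shown to meet the baseline.
        return False, f"unrecognised guestUserRoleId {role_id}"
    rank, label = level
    return rank >= REQUIRED_LEVEL, f"guest access is '{label}'"


# Constructed sample responses (not captured from a real tenant).
SAMPLE_PERMISSIVE = (
    '{"id": "authorizationPolicy", '
    '"guestUserRoleId": "a0b1b346-4d3e-4e8b-98f8-753987be4970"}'
)
SAMPLE_LIMITED = (
    '{"value": [{"id": "authorizationPolicy", '
    '"guestUserRoleId": "10DAE51F-B6AF-4016-8D66-8C2A99B929B3"}]}'
)

if __name__ == "__main__":
    for name, body in [("permissive", SAMPLE_PERMISSIVE), ("limited", SAMPLE_LIMITED)]:
        print(name, evaluate_guest_access(body))
```

A missing or unrecognised role ID is reported as a failure rather than a pass, so a changed API response cannot silently mark the tenant compliant.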
How to Fix
Follow these steps to restrict guest user access in the Azure portal: