Back to changelog

Updated OAuth risk scores account for additional risk context

September 12, 2024

Nudge Security delivers a risk score for each OAuth grant in your environment to help you prioritize and manage OAuth risks at scale. Previously, risk scores were based on the permissiveness of each grant’s scopes. 

‍

Now, Nudge Security has updated these risk scores to account for our recently-added OAuth risk insights, which highlight signals such as popularity, trust signals from vendors, and indicators of potential phishing. For example, a grant with an unusually high level of access may have a lower risk score if the grant was created by Google or Microsoft or has passed a security review. In contrast, a grant may have a high risk score despite more limited access if Nudge Security detects malicious domains or potentially deceptive practices within an app’s registration information.

‍

Related posts

See what you've been missing.