Over time, many Entra ID tenants evolve into landscapes filled with forgotten and ownerless objects: accounts from former employees, guests who never returned, orphaned groups, applications without accountability, service principals with excessive permissions, and Conditional Access policies that no longer reflect reality. These remnants often remain invisible while continuously expanding the attack surface.

In this session, I guide you through practical strategies for effective Entra ID cleanup. We examine what typically accumulates, why it creates real security exposure, and how to systematically uncover both obsolete objects and outdated configurations. Using proven approaches with logs, PowerShell, Security Copilot, and the Conditional Access Optimization Agent, you’ll learn how to establish transparency and reduce risk in a controlled and sustainable way.

You will leave with a concrete, actionable checklist to streamline your tenant, minimize exposure, and maintain long-term security and governance leaving no unnecessary objects or policies behind.

The session is based on real-world customer experience and includes practical guidance, live demonstrations, and reusable approaches. A basic understanding of Entra ID and identity administration concepts is recommended. Close to the conference date, the material and demos will be updated to reflect the latest public preview and GA features.