SOP-21: OAuth Illicit Consent Grant Attack Response

SOC analyst SOP for detecting and revoking malicious OAuth application consents — users tricked into granting third-party apps Mail, Files, and Contacts access that bypasses MFA.

2026-06-28T10:07:04.913Z
Rudra Verma, Senior Security Architect & Researcher