SOP-22: Conditional Access Policy Tampering Response
SOC analyst SOP for detecting and responding to Conditional Access policy deletions, disabling, or scope modifications that weaken MFA enforcement and enable unrestricted tenant access.
Rudra Verma, Senior Security Architect & Researcher