Mar 28 2023 02:45 AM - edited Mar 28 2023 02:47 AM
The "Unused app" policy, which can be found in Microsoft 365 Defender > App governance > Policies keeps generating multiple Alerts for the same two OAuth apps (50 Alerts per day). One of the apps is deleted, and the other app is disabled in Azure AD.
I contacted Microsoft Support and to solve the problem they wanted to disable e-mail notifications for new Microsoft 365 Defender Alerts... The diagnose was that Microsoft 365 Defender was not communicating with Azure AD, and I should give a one star rating using the Feedback button. This didn't seem satisfactory.
How could I troubleshoot the connection between Microsoft 365 Defender and Azure AD for Cloud Apps, and the wrong Alerts generated by Defender for Cloud Apps?
Mar 28 2023 07:13 AM
SolutionMar 28 2023 07:13 AM
Solution