AZT203 - Malicious Application Consent#
An adversary may lure a victim into giving their access to a malicious application registered in AzureAD.
Azure Active Directory
Any user can consent to an application which will impersonate that user's privileges.
|Data Source||Application||Resource||Log Provider|
|Azure Active Directory||N/A||AAD||AuditLogs|
Please review the incident response playbooks in the 'Additional Resources' section below.