This detection identifies when an app consented to suspicious OAuth scope and manufactured a higher quantity of abnormal electronic mail search routines, such as email seek out specific content through the Graph API.FP: If you're able to affirm that no unconventional routines were being executed because of the app or the app is intended to make unu