Ensure all or a majority of third-party and custom apps are blocked

Why This Matters

Unrestricted third-party and custom applications can introduce unverified code into your Microsoft 365 environment, creating a security gap for data exfiltration and unauthorized access. IT administrators should prioritize this check because malicious or poorly written apps may bypass your security controls and compromise tenant data.

What Aether365 Checks

This verification examines your Microsoft 365 app consent policies to confirm that third-party and custom applications are either fully blocked or allowed only for a small, approved set. In the Aether365 dashboard, this appears under the microsoft-365 service category as check CIS.M365.8.4.1.