Validate whether the app is critical to the Group before thinking about any containment actions. Deactivate the application applying application governance or Microsoft Entra ID to prevent it from accessing assets. Existing app governance guidelines might have already deactivated the app.Call the buyers or admins who granted consent or permissions