The security controls for Auth methods will show as not compliant if the tenant is using EAM e.g. Cisco Duo. Can we detect and automatically add an exclusion or handle this in a smarter way?