- 필수 기능
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- 디지털 경험
- 소프트웨어 제공
- 보안
- 로그 관리
- 관리
- 인프라스트럭처
- ci
- containers
- csm
- ndm
- otel_guides
- overview
- slos
- synthetics
- tests
- 워크플로
Classification:
attack
Set up the auth0 integration.
Detect when Auth0 suspicious IP throttling is disabled.
This rule allows you to monitor Auth0 logs and detect when Auth0 suspicious IP throttling is disabled. Suspicious IP throttling blocks traffic from any IP address that rapidly attempts too many logins or signups. This helps protect your applications from high-velocity attacks that target multiple accounts. Disabling this feature will degrade the security posture of your application, leaving it vulnerable to credential-based attacks like brute force attacks, credential stuffing, or bulk account creation.
{{@data.client_id}}
to understand if this is an expected operation.{{@network.client.ip}}
or the client id {{@data.client_id}}
.