Tactic:
When working normally, your application may be returning personally identifiable information (PII) to users.
Although this could be intended, that feature may be abused by an attacker to leak that PII.
This rule aims to detect when an attacker is trying to leak PII from your application based on the volume of requests coming from a single IP.
Correlate traces from routes known to return PII and gauge the usual number of requests performed by public IPs.
If an IP is seen significantly exceeding the normal rate, a `Low` signal will be generated.
@api.security.fields.pii.res
.
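The sketch below is an added example of the per-IP volume check described above, not the product's own detection logic. The record layout, the boolean `pii_res` field (loosely named after the `@api.security.fields.pii.res` attribute on this page), the internal network list, the median/MAD baseline and the thresholds are all assumptions, and the trace data is constructed.

```python
import ipaddress
from collections import Counter
from statistics import median

# Assumption: ranges treated as internal (non-public) clients.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def is_public(ip):
    addr = ipaddress.ip_address(ip)
    return not any(addr in net for net in INTERNAL_NETS)

def find_pii_outliers(traces, threshold=5.0, min_requests=20):
    """Return {ip: request_count} for public IPs far above the per-IP baseline
    on routes flagged as returning PII (hypothetical 'pii_res' field)."""
    counts = Counter(t["client_ip"] for t in traces
                     if t["pii_res"] and is_public(t["client_ip"]))
    if len(counts) < 3:          # too few clients to form a baseline
        return {}
    values = list(counts.values())
    baseline = median(values)
    # Median absolute deviation: robust to the outlier we are looking for.
    mad = median(abs(v - baseline) for v in values) or 1.0
    return {ip: n for ip, n in counts.items()
            if n >= min_requests and (n - baseline) / mad > threshold}

def sample_traces():
    """Constructed trace records for one evaluation window."""
    traces = []
    def add(ip, route, pii, n):
        traces.extend({"client_ip": ip, "route": route, "pii_res": pii}
                      for _ in range(n))
    for i, n in enumerate((4, 5, 6, 7, 8)):            # ordinary users
        add(f"198.51.100.{10 + i}", "/api/users/{id}", True, n)
    add("203.0.113.77", "/api/users/{id}", True, 120)  # heavy requester
    add("10.0.0.5", "/api/users/{id}", True, 500)      # internal batch job
    add("198.51.100.10", "/health", False, 300)        # busy, but no PII
    return traces

if __name__ == "__main__":
    for ip, n in find_pii_outliers(sample_traces()).items():
        print(f"Low signal: {ip} made {n} requests to PII routes")
```

The median-based baseline keeps a single heavy requester from inflating the "normal" rate it is compared against; the `min_requests` floor avoids signals in windows where all clients are nearly idle.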