Signal Sciences flagged an IP

This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Goal

Detect when an IP is flagged by Signal Sciences.

Strategy

This rule lets you monitor Signal Sciences events submitted through the Signal Sciences integration to detect when an IP is flagged.

Triage and response

  1. Determine whether the attack is a false positive.
  2. Determine whether the attack was successful.
  3. If the attack exploited a vulnerability in the application, triage the vulnerability.
PREVIEWING: mcretzman/DOCS-9337-add-cloud-info-byoti