Signal Sciences flagged an IP

Goal

Detect when an IP is flagged by Signal Sciences.

Strategy

This rule lets you monitor Signal Sciences events submitted through the Signal Sciences integration to detect when an IP is flagged.

Triage and response

  1. Determine whether the attack is a false positive.
  2. Determine whether the attack was successful.
  3. If the attack exploited a vulnerability in the application, triage the vulnerability.