Signal Sciences flagged an IP

Goal

Detect when an IP is flagged by Signal Sciences.

This rule lets you monitor Signal Sciences events submitted through the Signal Sciences integration to detect when an IP is flagged.

Determine whether the attack is a false positive.
Determine whether the attack was successful.
If the attack exploited a vulnerability in the application, triage the vulnerability.