Signal Sciences Flagged an IP
Security Monitoring is now available Security Monitoring is now available
<  Back to rules search

Signal Sciences Flagged an IP

signal_sciences

Set up the signal_sciences integration.

Overview

Goal

Detect when an IP is flagged by Signal Sciences.

Strategy

This rule lets you monitor Signal Sciences events submitted through the Signal Sciences integration to detect when an IP is flagged.

Triage & Response

  1. Determine whether the attack is a false positive.
  2. Determine whether the attack was successful.
  3. If the attack exploited a vulnerability in the application, triage the vulnerability.