Difference between revisions of "AWS GuarDuty: Finding type"
Jump to navigation
Jump to search
m (Welcome moved page Finding type to AWS GuarDuty: Finding type) |
|||
(2 intermediate revisions by the same user not shown) | |||
Line 5: | Line 5: | ||
API DescribeClusterSnapshots was invoked using root credentials from IP address 185.xx.xx.xx. | API DescribeClusterSnapshots was invoked using root credentials from IP address 185.xx.xx.xx. | ||
+ | Finding type: Impact:IAMUser/AnomalousBehavior | ||
+ | APIs commonly used in Impact tactics were invoked by user Root : YOUR_USERNAME, under anomalous circumstances. Such | ||
+ | activity is not typically seen from this user. | ||
− | {{ | + | == See also == |
+ | * {{GuardDuty}} | ||
+ | |||
+ | [[Category:AWS]] |
Latest revision as of 12:23, 24 January 2022
Finding type: Policy:IAMUser/RootCredentialUsage API ListUserPolicies was invoked using root credentials from IP address 185.xx.xx.xx.
Finding type: Policy:IAMUser/RootCredentialUsage API DescribeClusterSnapshots was invoked using root credentials from IP address 185.xx.xx.xx.
Finding type: Impact:IAMUser/AnomalousBehavior APIs commonly used in Impact tactics were invoked by user Root : YOUR_USERNAME, under anomalous circumstances. Such activity is not typically seen from this user.
See also[edit]
Advertising: