Suspicious activity

Anomaly detection: Increase in reconnaissance activity with an unusual user agent

Platform(s)

Description

Unlike in the past, the role started executing API calls for listing and describing assets in the cloud account. Those API calls were executed with a user-agent which was not seen before. Those findings might indicate on a malicious usage of the role permissions.