Suspicious activity

Anomaly detection: Permissive role unusual increase in activity



Unlike in the past, the role started executing API calls for listing and describing assets in the cloud account. In addition to that, there was a unusual increase in activity done by this role. The role was identified by Orca as a permissive role, which in case of compromise can put the cloud account at a higher risk. Therefor those findings might indicate on a malicious usage of the role permissions.