Suspicious activity

Anomaly detection: Role with unusual amount of access denied responses

Platform(s)

Description

Unlike in the past, a role that is related to an instance profile executed API calls, which resulted in an unusual amount of access denied. In addition there was an unusual amount of unique event names in recent activity of the role. Therefor those findings might indicate on a malicious usage of the role permissions.