Suspicious activity

Create bucket API call was made from malicious IP address

Risk Level

Imminent Compromised (2)

Platform(s)

Description

Orca detected that an API call to create bucket was made from a malicious IP address - {MaliciousIp.MaliciousIp}. This action may indicate of a presence of an unauthorized actor in the cloud environment, since create bucket API call was sourced from a malicious IP address - {MaliciousIp.MaliciousIp}.
  • Recommended Mitigation

    It is recommended to review the permissions which were used to make this api call. In addition, review the bucket that was created.