Suspicious activity

Defender for Cloud: Successful SSH brute force attack

Risk Level

Informational (4)



Analysis of host data has detected a successful brute force attack. The IP was seen making multiple login attempts. Successful logins were made from that IP. This means that the host may be compromised and controlled by a malicious actor.
  • Recommended Mitigation

    It is recommended to review the permissions which were used to make this operation.