Suspicious activity

Role inline policy updated or created from malicious IP address

Platform(s)

Description

Orca detected that an inline policy was created or updated, the operation was successful. The operation was called from a malicious IP address - {MaliciousIp.MaliciousIp}, which might indicate of a privilege escalation attempt. An attacker with permissions to edit inline policies, can change policies to entities which are in his control.
Need help?

Get a free Security Risk Assessment. Start today

Orca Security Demo Demo the Orca Platform-> In just 10 minutes, you’ll see how Orca Security can revolutionize your cloud security strategy. Watch a recorded demo from a cloud security expert now.