Update Role API call that removed permissions from a role was made from TOR IP address - Complete Cloud Security in Minutes - Orca Security

Suspicious activity

Update Role API call that removed permissions from a role was made from TOR IP address

Risk Level

Imminent Compromised (2)

Platform(s)

Description

Orca detected that an API call to update a role was made from a Tor IP address - {MaliciousIp.MaliciousIp}.

Recommended Mitigation

It is recommended to review the permissions which were used to make this api call. In addition, review the actions of the affected user and remove the policy if it is possible.

See Orca in action

See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.