Difference between revisions of "Datadog SIEM Content Packs for 1Password"
Jump to navigation
Jump to search
(One intermediate revision by the same user not shown) | |||
Line 4: | Line 4: | ||
Rules: | Rules: | ||
− | * [[1Password vault export attempt by user]] | + | * <code>[[1Password vault export attempt by user]]</code> |
− | * [[Unusual 1Password item usage action observed from user]] | + | * <code>[[Unusual 1Password item usage action observed from user]]</code> |
− | * [[Impossible travel event observed from 1Password user]] | + | * <code>[[Impossible travel event observed from 1Password user]]</code> |
− | * [[Anomalous amount of failed sign-in attempts by 1Password user]] | + | * <code>[[Anomalous amount of failed sign-in attempts by 1Password user]]</code> |
− | * [[Unusual 1Password device authorization activity]] | + | * <code>[[Unusual 1Password device authorization activity]]</code> |
− | * [[Attempt to modify a 1Password item by user]] | + | * <code>[[Attempt to modify a 1Password item by user]]</code> |
+ | |||
+ | == Related == | ||
+ | * [[1Password Datadog integration]] | ||
== See also == | == See also == |
Latest revision as of 16:24, 26 August 2024
Rules:
1Password vault export attempt by user
Unusual 1Password item usage action observed from user
Impossible travel event observed from 1Password user
Anomalous amount of failed sign-in attempts by 1Password user
Unusual 1Password device authorization activity
Attempt to modify a 1Password item by user
Related[edit]
See also[edit]
- Datadog security: Datadog Cloud SIEM, Content Packs, Datadog Cloud SIEM signals
- 1password,
op
, Privnote, Kolide, 1password connect, 1password Kubernetes Injector,1password-cli, kind: OnePasswordItem
, 1Password Browser extension,uses: 1password/load-secrets-action@v2
, 1Password Watchtower, 1Password Secrets Automation, 1password secret key, 1password Kubernetes operator, operator logs
Advertising: