Difference between revisions of "Impossible travel event observed from 1Password user"
Jump to navigation
Jump to search
| Line 2: | Line 2: | ||
* https://docs.datadoghq.com/security/default_rules/1password-impossible-travel-observed/ | * https://docs.datadoghq.com/security/default_rules/1password-impossible-travel-observed/ | ||
* [[Classification]]: attack | * [[Classification]]: attack | ||
| + | |||
| + | The Impossible Travel detection type’s algorithm compares the [[GeoIP]] data of the last log and the current log to determine if the user (@user.email) traveled more than 500km at over 1,000km/h | ||
Latest revision as of 05:59, 3 June 2024
- https://docs.datadoghq.com/security/default_rules/1password-impossible-travel-observed/
- Classification: attack
The Impossible Travel detection type’s algorithm compares the GeoIP data of the last log and the current log to determine if the user (@user.email) traveled more than 500km at over 1,000km/h
Related[edit]
See also[edit]
- Datadog, Datadog agent, Forwarder, Spans, DBM, standard attribute list, facets, log explorer, Terraform datadog, Airflow,
dog, agent, DogStatsD, Airflow integration, Datadog pipelines,app.datadoghq.eu, Datadog Cloud SIEM, Cloud Security Management, Datadog AWS Integration, Datadog Monitors,dd-trace-go
Advertising:
