Scanning_bucket_policies_AWS_Macie

Alert

Scanning bucket policies

SK4 unified event:
Connector/Service

AWS/Macie

SK4 Version:

2.3.105

Created Date:

Sun Feb 17 2019 13:46:40 GMT+0000 (Coordinated Universal Time)

Last Update:

Tue May 14 2019 06:54:37 GMT+0000 (Coordinated Universal Time)

Category

Security Alert

Description

Alerting on failed enumeration of a large amount of bucket policies.

Search query

cef_vendor="skyformation" cef_name="security-threat-detected" destinationServiceName="AWS" sourceServiceName="aws.macie" proto="Scanning bucket policies"

Parsed CEF
Unparsed raw data

Expand to see an example...

Audit sources