Updated on 2022-12-02 GMT+08:00

CTS Alarms

NetworkPermissions

A malicious IP address similar to historical intelligence is found calling an API that is typically used to change network access permissions for security groups, routes, and ACLs in your account.

Severity: This alarm can be High, Medium, or Low severity. MTD assesses the potential risk the finding poses to your network.

Data source: CTS logs

A malicious IP address similar to historical intelligence is detected. The IP address tried to call an API that is typically used to change network access permissions for security groups, routes, and ACLs in your account.

Suggestions

If this is an expected activity, add the IP address to the whitelist.

ResourcePermissions

A malicious IP address similar to historical intelligence is found calling an API that is typically used to change secure access policies for various resources in your account.

Severity: This alarm can be High, Medium, or Low severity. MTD assesses the potential risk the finding poses to your network.

Data source: CTS logs

A malicious IP address similar to historical intelligence is detected. The IP address tried to call an API that is typically used to change secure access policies for various resources in your account.

Suggestions

If this is an expected activity, add the IP address to the whitelist.

UserPermissions

A malicious IP address similar to historical intelligence is found calling an API that is typically used to add, modify, or delete IAM users, groups, or policies in your account.

Severity: This alarm can be High, Medium, or Low severity. MTD assesses the potential risk the finding poses to your network.

Data source: CTS logs

A malicious IP address similar to historical intelligence is detected. The IP address tried to call an API that is typically used to add, modify, or delete IAM users, groups, or policies in your account.

Suggestions

If this is an expected activity, add the IP address to the whitelist.

ComputeResources

A malicious IP address similar to historical intelligence is found calling an API that is typically used to start compute resources, such as ECS instances.

Severity: This alarm can be High, Medium, or Low severity. MTD assesses the potential risk the finding poses to your network.

Data source: CTS logs

A malicious IP address similar to historical intelligence is detected. The IP address tried to call an API that is typically used to start compute resources, such as ECS instances.

Suggestions

If this is an expected activity, add the IP address to the whitelist.

PasswordPolicyChange

A malicious IP address similar to historical intelligence is found trying to change the account password policy.

Severity: This alarm can be High, Medium, or Low severity. MTD assesses the potential risk the finding poses to your network.

Data source: CTS logs

A malicious IP address similar to historical intelligence is detected. The IP address tried to change the account password policy.

Suggestions

If this is an expected activity, add the IP address to the whitelist.