Securaa is a comprehensive no-code security automation platform that blends intelligence, risk-based asset management, vulnerability insights, automation and incident response into a single platform, enabling SOCs to reduce cybersecurity response time significantly and increase throughput manifold.


Unauthorized Location Logins

Scenario

A suspicious login detection system can inform the security team about an attack that is already happening or may happen soon. In such cases the pattern of login behavior differs slightly from regular logins. Various detections can flag a login as suspicious, such as a login at an unusual time, from a different location, from a different device, or after many unsuccessful attempts. An automatic response to such an attack safeguards your users' accounts and protects their login information and other data.

What Securaa Does

  • With Securaa, you can automate the SOC SOPs for such login failure attempts
  • Securaa can be configured to ingest an alert from any log source or SIEM
  • As a primary step, Securaa captures details such as user details, geolocation and device information from the ingested case
  • Securaa automatically performs risk scoring on the ingested case on the basis of the user's criticality
  • SecBot helps identify the business criticality of the user and/or whether the user has been identified as logging in from outside the prescribed location (out of office)
  • Remediation is done by blocking the user on AD
  • Securaa sends an email directly to the CISO raising concerns in case of sensitive users
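
The workflow in the list above, sketched as an added example. This is not Securaa's code or API: the alert fields, reference tables, scoring weights, thresholds and action names are all assumptions made for illustration, and the data is constructed.

```python
# Added illustration: triage of an "unauthorized location login" alert.
# Field names, weights, thresholds and action names are assumptions.
from dataclasses import dataclass, field

# Constructed reference data (hypothetical users, locations and devices).
USER_CRITICALITY = {"cfo@example.com": "high", "intern@example.com": "low"}
ALLOWED_COUNTRIES = {"cfo@example.com": {"IN"}, "intern@example.com": {"IN", "US"}}
KNOWN_DEVICES = {"cfo@example.com": {"LAPTOP-CFO-01"}}
CRITICALITY_WEIGHT = {"low": 10, "medium": 25, "high": 40}
SAMPLE_ALERT = {"user": "cfo@example.com", "country": "RU", "device": "PHONE-77", "failed_attempts": 6}


@dataclass
class Verdict:
    user: str
    score: int
    reasons: list = field(default_factory=list)
    actions: list = field(default_factory=list)


def triage(alert: dict) -> Verdict:
    """Score one ingested alert and choose response actions."""
    user = alert.get("user", "").lower()
    # Unknown users are scored as medium criticality rather than ignored.
    crit = USER_CRITICALITY.get(user, "medium")
    v = Verdict(user=user, score=CRITICALITY_WEIGHT[crit])

    country = alert.get("country")  # None when geolocation enrichment failed
    if country is None:
        v.score += 15
        v.reasons.append("geolocation unavailable")
    elif country not in ALLOWED_COUNTRIES.get(user, set()):
        v.score += 40
        v.reasons.append(f"login from non-prescribed location {country}")
    if alert.get("device") not in KNOWN_DEVICES.get(user, set()):
        v.score += 10
        v.reasons.append("unrecognized device")
    if alert.get("failed_attempts", 0) >= 5:
        v.score += 20
        v.reasons.append("many unsuccessful attempts")

    if v.score >= 70:
        v.actions.append("disable_ad_account")  # remediation: block user on AD
        if crit == "high":
            v.actions.append("email_ciso")      # escalation for sensitive users
    elif v.score >= 40:
        v.actions.append("open_case_for_analyst")
    return v
```

Keeping the reasons alongside the score gives the analyst or the CISO email the evidence behind an automated account block.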

A Step-by-Step Workflow for Unauthorized Location Logins

[Figure: Unauthorized Location Logins flowchart]