Suspected bot attacks

Suspected Bot Attack tickets give admin users a summary of the accounts under attack and the frequency of these automated bot attacks from external servers.

Review the Full Details section of the ticket to identify the attack origin and number of attempts. Coro uses IP lookup providers to derive metadata about connecting IP addresses to help admin users identify patterns in suspicious activity. Select the dropdown next to an activity to view any identified details, such as service provider, proxy, organization name, or threat type (where one is identified).

For more information about ticket types, see Ticket types for Cloud Security.