heroui logo

Tines Custom CertificateAuthority setting changed

Panther Rules

View Source
Summary
This detection rule monitors changes made to the Tines Custom Certificate Authority (CA) settings. It is designed to trigger an alert when any modifications occur, providing a mechanism to track potentially unauthorized alterations to critical certificate authority configurations. The rule utilizes audit logs generated by Tines and captures key attributes such as the user ID, operation name, tenant ID, and request IP address to facilitate detailed investigation of events. As it operates on a high severity level, it aims to protect against threats that could arise from improper changes to certificate management, thereby preserving the integrity of digital communications and data security within the Tines environment.
Categories
  • Cloud
  • Web
  • Identity Management
Data Sources
  • User Account
  • Application Log
Created: 2023-05-19