Flying Gecko

Human Error Remediation – Operator disables firewall on an instance, virtual machine or server. Description: this use case describes how the platform can identify and fix a human error which, in this case, is the action of disabling the firewall on an instance. Scenario: during daily activities an operator disables by error the firewall configured…

Continue reading

Description: a typical attack case which may occur against many different types of protocols (SSH, HTTP, FTP, etc) consisting on unwanted or not authorized accesses logged by the O.S. or by a service or an application. The common factor in this attack is the frequency and the status of the requests coming from the attacker….

Continue reading

Description: A service installed on an instance has its own settings regarding disk space management and generates a log line when the configured threshold is reached. It is important to receive and manage this type of event in the shortest time possible, also intervening with mitigation actions (for e.g. running a cleanup process). Scenario: during…

Continue reading

Description: this condition may be caused by a variety of different reasons and may disrrupt of one or more services. An abnormal number of connections to a service may happen for different reasons, all of which require a quick response: In all cases corrective actions must be taken to avoid the problem, and the first…

Continue reading

Description: when the email password credentials are leaked from a mail server, an attacker may use that system to send millions of spam emails. The impact is on the reputation of the mail system which is reported in the global anti-spam engines (blacklists), after sending out a certain number of spam emails. We want to…

Continue reading