LoFP LoFP / t1619

t1619

TitleTags
access level modifications may be done by a system or network administrator. verify whether the username, hostname, and/or resource name should be making changes in your environment. access level modifications from unfamiliar users or hosts should be investigated. if known behavior is causing false positives, it can be exempted from the rule.
administrators listing buckets, it may be necessary to filter out users who commonly conduct this activity.