LoFP / system updates, scheduled backups, or misconfigured services may trigger this alert.

Techniques

Sample rules

Spike in host-based traffic

Description

A machine learning job has detected a sudden spike in host-based traffic. This can be due to a range of security issues, such as a compromised system, DDoS attacks, malware infections, privilege escalation, or data exfiltration.

Detection logic