We're excited to announce a new detection in Beacon - Suspicious Search Activity in Confluence!
What is it?
You will receive an alert whenever a user has searched Confluence for multiple suspicious terms in a short period of time.
This user’s searches may relate to: credentials, secrets, passwords, credit cards, cryptocurrency, or other sensitive terms.
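The kind of check described above can be sketched as a per-user sliding window over search events. This is an added example, not Beacon's implementation: the term list, the 10-minute window, the three-term threshold and the sample events are all assumptions constructed for illustration. The alert carries term categories rather than the raw queries.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed term list, window and threshold: the announcement names only the
# categories, not the actual terms or limits Beacon uses.
SUSPICIOUS_TERMS = {
    "password": "passwords", "passwd": "passwords",
    "api key": "secrets", "secret": "secrets", "private key": "secrets",
    "credential": "credentials", "login": "credentials",
    "credit card": "credit cards", "cvv": "credit cards",
    "wallet": "cryptocurrency", "seed phrase": "cryptocurrency",
}
WINDOW = timedelta(minutes=10)
MIN_DISTINCT_TERMS = 3

# Constructed sample search events: (ISO timestamp, user, query), time-ordered.
SAMPLE_EVENTS = [
    ("2024-01-15T09:00:00", "alice", "onboarding checklist"),
    ("2024-01-15T09:01:10", "mallory", "aws api key"),
    ("2024-01-15T09:02:30", "mallory", "prod database password"),
    ("2024-01-15T09:03:05", "alice", "reset my password"),
    ("2024-01-15T09:04:45", "mallory", "credit card processing"),
    ("2024-01-15T09:05:00", "mallory", "wallet seed phrase"),
    ("2024-01-15T11:30:00", "alice", "vpn login guide"),
    ("2024-01-15T13:00:00", "alice", "api key rotation policy"),
]

def detect(events):
    """Return one alert per burst of >= MIN_DISTINCT_TERMS terms inside WINDOW."""
    recent = defaultdict(deque)   # user -> (timestamp, matched term) pairs
    alerting = set()              # users already alerted for the current burst
    alerts = []
    for ts_str, user, query in events:
        ts = datetime.fromisoformat(ts_str)
        window = recent[user]
        window.extend((ts, t) for t in SUSPICIOUS_TERMS if t in query.lower())
        while window and ts - window[0][0] > WINDOW:
            window.popleft()      # drop matches older than the window
        terms = {t for _, t in window}
        if len(terms) < MIN_DISTINCT_TERMS:
            alerting.discard(user)    # burst ended; a later one alerts again
        elif user not in alerting:
            alerting.add(user)
            alerts.append({"user": user, "at": ts_str,
                           "categories": sorted({SUSPICIOUS_TERMS[t] for t in terms})})
    return alerts

if __name__ == "__main__":
    print(detect(SAMPLE_EVENTS))
```

Counting distinct terms inside the window, rather than total matches, keeps a user who searches for the same ordinary term several times over a day from alerting.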
Why is this important?
Searching for multiple suspicious terms in a short period of time resembles attacker post-exploitation activity.
What should you do if you receive this alert?
We recommend you head into Beacon to investigate the alert! At this time, we are unable to show you the exact search terms to investigate due to compliance issues.
However, we encourage you to review the user and their log activities to obtain additional contextual information.
We are working with our internal teams to safely surface this data within Beacon so you can investigate these types of alerts and remediate quickly.
Comment on this with questions or feedback!