Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Next »

Overview

 Government Attack Warning

A government-backed attacker could try to steal a password or other personal information of one of your users by sending an email containing a harmful attachment, links to malicious software or to fake websites.

Source table → cloud.gsuite.alerts

 Drive Open To Public

An attacker may access data objects from improperly secured cloud storage.

Source table → cloud.gsuite.audit.drive

 Access Transparency Event

A Google Access Transparency log event has been generated. Google is accessing your data.

Source table → cloud.gsuite.reports.access_transparency

 2SV Disabled

An adversary may attempt to disable the second factor authentication in order to weaken an organization’s security controls.

Source table → cloud.gsuite.reports.admin

 Login Account Warning

An attacker could steal the credentials of one of your users.

Source table → cloud.gsuite.reports.login

 Mobile Suspicious Activity

An attacker could steal the credentials or the mobile device of one of your users.

Source table → cloud.gsuite.reports.mobile

 Excessive OAuth Permissions Request

An adversary may steal application access tokens as a means of acquiring credentials to access remote systems and resources.

Source table → cloud.gsuite.reports.token

 Unauthorized OAuth App

Detects authentications from OAuth apps outside of your predefined list of approved OAuth applications.

Source table → cloud.gsuite.reports.token

  • No labels