Hi Eugene Wadeya,
Could you please provide more details on how you can configure the service account's blocking settings.
------------------------------
Regards,
ππ’πππ¬π‘ πππ‘ππ
Senior Security Consultant
Mumbai
------------------------------
Original Message:
Sent: 01-16-2024 23:13
From: Eugene Wadeya
Subject: Imperva Securesphere Blocking
Hi @Mitesh Mehta
I followed all the instructions but the login is still successful.
The MX sends an email alert when the policy is triggered but the login is not blocked. I tried both inline and sniffing mode, non is working
------------------------------
Eugene Wadeya
SOC Team Lead
Stima Sacco
Nairobi
Original Message:
Sent: 01-16-2024 07:42
From: Mitesh Mehta
Subject: Imperva Securesphere Blocking
Hi Eugene,
Use the link below to check if the configured service account blocking settings are correct.
Blocking Traffic
I hope this helps.
------------------------------
Regards,
ππ’πππ¬π‘ πππ‘ππ
Senior Security Consultant
Mumbai
Original Message:
Sent: 01-16-2024 02:32
From: Eugene Wadeya
Subject: Imperva Securesphere Blocking
Hi Guys,
I have created a custom DB Service rule to detect when Service accounts login from Local IP groups.
When I set the action to block and test the same, imperva is not blocking the login attempt. Any reason why?
#DatabaseActivityMonitoring
------------------------------
Eugene Wadeya
SOC Team Lead
Stima Sacco
Nairobi
------------------------------