Risky Parallel Sessions

Detects users that have different session IDs in a one-minute timeframe from at least two unique user agents and two unique IPs where not all IPs are common for the integration.

Running parallel sessions is not high risk on its own, but is not common outside of IT.

Recommended Actions

Please verify the users with sessions running in parallel are from IT/InfoSec teams.



Last updated