Service Account Successful Sign In

Detects service accounts with interactive logins in the last week. Service Accounts are usually used for backend to backend communication and are not supposed to have sign-ins.

Recommended Actions

Please track if this sign-in is legitimate. Consider reviewing the list on a weekly basis or connecting to the digest email.

Custom Detection Settings

Exclude known good ips: false

Compatibility

AWS

Microsoft Entra ID

Duo

GitHub

Google Workspace (GCP)

Okta

Salesforce