Prevent a user from trigerring the same cloud app policy multiple times
Jean Valjean 999
0
Reputation points
Hello,
I have a policy that triggers when a user fails to connect 100 times in 60 minutes. The main use of this policy is to notify our security team when a user is likely to be under attack so that they can contact the user to establish a strong password and enable the MFA. The issue however is that the same user can trigger this policy multiple times. This means that we get a lot of redundant alerts regarding the same user.
Is it possible to make it so once a user triggered the policy, they can't trigger it again for a certain amount of time ?
Best regards.
Sign in to answer