FYI – Want to share this with you guys. When I investigated the login for Navin, I searched Office 365, Azure, and CyberArk login events and found nothing. Went to the eSentire portal to look at the event and noticed it was related to GCP (Google Cloud Platform). Searched the Google Workspace security logs using the Security Investigation Tool. See screenshot below for the filters I used.
Keep this for future need.
Edwardo Frias | IT Director | 650-233-5766
From: eSentire Inc. <esoc@esentire.com>
Sent: Monday, June 24, 2024 11:02 PM
To: Help Desk <Helpdesk@mayfield.com>; mfhelpdesk <mfhelpdesk@mayfield.com>; Edwardo Frias <efrias@mayfield.com>
Subject: [EXTERNAL] Re: CS3297817 - CS3297817 - Mayfield Fund, L.L.C. - Moderate - North America - esLog - SUSPICIOUS - USER_ACTIVITY - nchaddha@mayfield.com - UPDATE
Case: CS3297817
Full details of this case can be found in eSentire Insight Portal
Thank you for your email. We have updated CS3297817 and are continuing to work on your request. We will reach out with any additional questions or relevant updates.
If your request is urgent, the SOC is available 24/7 using the contact numbers listed below.
eSentire Inc. – The Authority in Managed Detection and Response
Direct-to-SOC Toll Free North America +1 844 552 5837
Direct-to-SOC Toll Outside of North America +353 21 4757102
United Kingdom Toll Free 0800 044 3242
International +1 519 651 2200 x5700
https://www.esentire.com
This email is confidential and may be legally privileged. It is intended as
a confidential communication only for the person(s) named above. Any
other use or disclosure is prohibited. If you have received this message
in error, please delete it, disregard its contents and telephone us
immediately at +1 519.651.2200.
From: efrias@mayfield.com
Sent: June 24, 2024 11:01:37 PM PDT
To: esoc@esentire.com,mfhelpdesk@mayfield.com
Subject: RE: [EXTERNAL] CS3297817 - CS3297817 - Mayfield Fund, L.L.C. - Moderate - North America - esLog - SUSPICIOUS - USER_ACTIVITY - nchaddha@mayfield.com
Thank you for the review and update.
Edwardo Frias | IT Director | 650-233-5766
From: eSentire Inc. <esoc@esentire.com>
Sent: Monday, June 24, 2024 7:48 PM
To: mfhelpdesk <mfhelpdesk@mayfield.com>; Edwardo Frias <efrias@mayfield.com>
Subject: [EXTERNAL] CS3297817 - CS3297817 - Mayfield Fund, L.L.C. - Moderate - North America - esLog - SUSPICIOUS - USER_ACTIVITY - nchaddha@mayfield.com
Case: CS3297817
Visit Insight Portal to see the full details of this case.
Your case has been updated.
Hello Edwardo,
Thank you for your patience while we further reviewed this investigation. We would like to apologize for sending this alert in error. When further reviewing this user's login history, we can see an attempt was made from France, but it was not successful. We will use this opportunity to further increase awareness of the importance of carefully reviewing queries while investigating to ensure we are alerting properly. Please see the image below for verification that this was unsuccessful.
As always, if there are any other questions or concerns please do not hesitate to reach back out.
Regards,