What is Docusign Monitor?

Using advanced analytics, Docusign provides around-the-clock cybersecurity monitoring and notifications. Monitor can evaluate what events may be suspicious, enabling you to act upon them in near real-time.

With Docusign, you can set up specific alerts for events such as:

Compromised Credentials: Monitor detects when hackers try to unsuccessfully log on and access with leaked credentials from other services. Dark web or paste sites commonly sell leaked and compromised credential.
Sign-ins from Anonymous or Cloud IPs: Cybercriminals often initiate attacks by starting from an anonymous proxy or VPN because they want to hide their tracks. Similarly, they use cloud vendors (such as AWS or Azure) to initiate attacks.

Simultaneous or suspicious logons: Attackers try to initiate sessions from geographically distant locations in a short time period (such as from Seattle and Vietnam).
Indications of potential data extraction:

• Users added or inactivated or assigned admin privileges, alerting administrators to changes made to users or their permissions and privileges.
• Atypical download or deletion of large numbers of envelopes
• Atypical sending of large numbers (Bulk sending) of envelopes
• Atypical downloading of large numbers (Bulk exporting) of user information
• See the Docusign Monitor eSignature Alerts and the Docusign Monitor CLM Alerts support articles for detailed information.

Supported Plans:

Docusign Monitor is available as a separate add-on for all Docusign eSignature plans and Docusign CLM and Docusign CLM+ plans.

Thanks for posting your question on the Docusign Community!