New Country Login Detection
Overview
New country login detection highlights logins from countries that are unusual for a user or system.
What this feature does
It helps administrators notice access patterns that may require verification.
Why it is useful
- It can reveal account compromise.
- It helps security teams investigate unusual access.
- It adds context to successful login events.
Who should read this?
RISE Admin, Security Officer, System Owner.
Where to find it
Rise Audit Pro → Security Dashboard and Auth Log.
How to use it
- Open Security Dashboard.
- Review new country login summaries.
- Open the related Auth Log events.
- Confirm whether the user was traveling or using a VPN.
- Take action if the login is unexpected.
Example workflow
A user who normally logs in from Egypt appears with a successful login from another country. The admin checks with the user before taking further action.
Screenshot
Screenshot required
Capture from: Rise Audit Pro → Security Dashboard → New Country Logins
Capture from: Rise Audit Pro → Security Dashboard → New Country Logins
Common mistakes
- Treating country detection as perfect proof. VPNs and proxies can affect location.
- Ignoring successful new-country logins because they are not failed attempts.
- Not combining country data with device, time, and activity context.
Related articles
- IP and Country Lookup
- Login Success Events
- Investigating Suspicious Login Activity
