def rule(event):
    if all(
        [
            event.deep_get("event_type", default="") == "authentication",
            event.deep_get("reason", default="") == "bypass_user",
        ]
    ):
        return True
    return False
