Sign In
- Platform
- Solutions
- Modern NDR
- Resources
- Company
Platform
Modern NDR
Resources
Platform
Modern NDR
Resources
DETECTION OVERVIEW
Risk Factors
Brute force attacks are low cost and relatively easy to perform. Even though this type of brute force attack is noisy, the attacker can effectively obtain credentials due to the commonality of weak and repurposed passwords.
The system might change the risk score for this detection.
Kill Chain
Risk Score
60
Before an attacker can access critical services, they must first acquire valid credentials. Kerberos is an authentication protocol that verifies user credentials and permissions for accessing services within environments such as Active Directory. When a user wants to access a service, they submit credentials to an authentication server, which then provides a ticket (essentially a cryptographic proof of identity). An attacker can attempt to gain a valid Kerberos ticket with a brute force attack. A brute force attack is a method for guessing a weak user or system password in the initial authentication request. Brute force attacks can occur manually through trial and error or with password cracking tools.
Limit the number of account login attempts and then block users that exceed this number
Review authentication methods and enforce policies for secure credential creation and multi-factor authentication
