DETECTION OVERVIEW
Risk Factors
An erroneous authentication attempt by a valid user might be legitimate, but well-known attacks can enable attackers to authenticate as a compromised user. For example, attack tools such as Mimikatz help attackers steal Kerberos tickets and authenticate to a service that is not usually accessed by the victim. If successful, attackers can collect sensitive information from secured resources and move closer to achieving their objective, such as exfiltrating data or moving laterally across the network.
The system might change the risk score for this detection.
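The pattern described above, a valid account authenticating to a service it does not usually access, can be checked against a per-user baseline. The following is an added example, not the detection product's own logic; the record layout, user names, service names and the `find_unusual_access` function with its thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records, simplified from Kerberos service-ticket
# request logs: (time, user, requested service, client IP).
EVENTS = [
    ("2024-05-01T09:00:00", "alice", "cifs/fileserver01", "10.0.0.5"),
    ("2024-05-01T09:05:00", "bob", "MSSQLSvc/hr-db01:1433", "10.0.0.9"),
    ("2024-05-02T10:15:00", "alice", "http/intranet", "10.0.0.5"),
    ("2024-05-02T11:00:00", "bob", "http/intranet", "10.0.0.9"),
    ("2024-05-03T08:45:00", "alice", "cifs/fileserver01", "10.0.0.5"),
    ("2024-05-06T09:30:00", "bob", "MSSQLSvc/hr-db01:1433", "10.0.0.9"),
    ("2024-05-06T13:00:00", "carol", "cifs/fileserver01", "10.0.0.12"),
    ("2024-05-06T14:30:00", "alice", "MSSQLSvc/hr-db01:1433", "10.0.0.5"),
]


def find_unusual_access(events, window_days=14, min_history=2):
    """Flag service-ticket requests for services outside a user's baseline.

    The baseline for a user is the set of services requested within the
    last `window_days`. A user needs at least `min_history` distinct
    services in that baseline before anything is flagged, so new accounts
    are learned rather than alerted on.
    """
    window = timedelta(days=window_days)
    last_seen = defaultdict(dict)  # user -> {service: time last requested}
    alerts = []
    parsed = sorted(
        (datetime.fromisoformat(t), user, service.lower(), ip)
        for t, user, service, ip in events
    )
    for ts, user, service, ip in parsed:
        recent = {s for s, seen in last_seen[user].items() if ts - seen <= window}
        if len(recent) >= min_history and service not in recent:
            alerts.append({"time": ts.isoformat(), "user": user,
                           "service": service, "source": ip})
        # The service joins the baseline afterwards: one alert per new service.
        last_seen[user][service] = ts
    return alerts


if __name__ == "__main__":
    for alert in find_unusual_access(EVENTS):
        print(alert)
```

A flagged request is a lead for review rather than proof of compromise, since a valid user can legitimately start using a new service.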
Kill Chain
Risk Score
65
Quarantine the device while checking for indicators of compromise, such as the presence of malware
Review authentication methods and enforce policies for secure credential creation and multi-factor authentication
Implement the principle of least privilege to minimize the damage that a compromised account can cause