Navigation :
Suspicious Account Lockout
Description
Triggered when an account lockout occurs without any corresponding cause (e.g., password change, password reset, etc.)
Content Mapping
This content is not mapped to any local saved search. Add mapping
Use Case
Advanced Threat Detection, Insider Threat, Security Monitoring, Compliance
Category
Lateral Movement, Insider Threat, Account Compromise, IAM Analytics
Alert Volume
Medium
(?)SPL Difficulty
None
Journey
Stage 4
MITRE ATT&CK Tactics
Credential Access
MITRE ATT&CK Techniques
Brute Force
MITRE Threat Groups
APT39
DarkVishnya
FIN5
OilRig
Turla
Data Sources
Windows Security