Brute Force Access Behavior Detected

Description

Detects excessive number of failed login attempts along with a successful attempt (this could indicate a successful brute force attack)

Content Mapping

This content is not mapped to any local saved search. Add mapping


Use Case

Security Monitoring, Compliance

Category

Lateral Movement, IAM Analytics

Alert Volume

Detects excessive number of failed login attempts along with a successful attempt (this could indicate a successful brute force attack)

SPL Difficulty

Advanced

Journey

Stage 2

MITRE ATT&CK Tactics

Credential Access

MITRE ATT&CK Techniques

Brute Force

MITRE Threat Groups

APT39
DarkVishnya
FIN5
OilRig
Turla

Data Sources

Authentication