Default Account At Rest Detected

Description

Discovers the presence of default accounts even if they are not being used. Default accounts should be disabled in order to prevent an attacker from using them to gain unauthorized access to remote hosts.

Content Mapping

This content is not mapped to any local saved search. Add mapping


Use Case

Security Monitoring, Compliance

Category

IAM Analytics

Alert Volume

Discovers the presence of default accounts even if they are not being used. Default accounts should be disabled in order to prevent an attacker from using them to gain unauthorized access to remote hosts.

SPL Difficulty

Medium

Journey

Stage 4

Data Sources

Configuration Management