Talk Details

The ultimate Authentication Brute-Force detection using super stats

In this talk, I’m going to walk you through an elegant way to leverage SPL aggregation commands (stats, eventstas and streamstats) to effectively detect the infamous authentication brute-force attacks (Mass Scanners, Targeted and Password Spray ones). Works with virtually any data source providing auth events or using the Authentication data model.

Speaker:

Alex Teixeira

Links:

Video PowerPoint Github