Talk Details
The ultimate Authentication Brute-Force detection using super stats
In this talk, I’m going to walk you through an elegant way to leverage SPL aggregation commands (stats, eventstas and streamstats) to effectively detect the infamous authentication brute-force attacks (Mass Scanners, Targeted and Password Spray ones). Works with virtually any data source providing auth events or using the Authentication data model.
Speaker:
Links:
| Video | PowerPoint | Github |