OnDemand | Why Compromised Credentials are Cybersecurity’s Weakest Spot and Five Best Practices for Eliminating Blindspots
Millions are spent on security operations centers — in tools, processes, and people — yet we still have million-dollar problems.
It’s not from a lack of passion or effort from security analysts and responders in the SOC; it’s often due to an efficacy gap and a lack of adversary alignment. The leading tactical reason is compromised credentials…credentials that are purchased in criminal marketplaces, used from prior incidents, or collected as part of a larger campaign.
Given this, how can SOCs begin to address this often missed intrusion type? Why are credentials, when used as part of an attack, so difficult to detect and respond to? What capabilities are recommended and required to manage this difficult problem set?
Understanding behavior, especially of credentials, is a key capability to add when commodity security controls fail. When is it right to consider capabilities like behavioral analytics, dynamic peer group comparisons, and enterprise consumable user and entity timelines? Exabeam believes that machine learning-driven behavioral analytics and automation technologies can arm security teams with unmatched threat detection, investigation and response capabilities.
The attendees will discuss addressing current gaps in planning, detection and response as well as organizational and personnel challenges.
- How $10 worth of purchased credentials can mean a breach
- How most organizations detect and respond to compromised credentials
- How traditional approaches create blind spots in detecting compromised credentials
- Exabeam’s five recommendations for eliminating compromised credential blind spots