DE.CM-09.286

Does your organization monitor authentication attempts to detect credential-based attacks and unauthorized credential reuse?

Explanation

Monitoring authentication attempts helps identify potential brute force attacks, credential stuffing, password spraying, or instances where stolen credentials are being used. This monitoring should include tracking failed login attempts, successful logins from unusual locations or devices, and patterns that might indicate automated attacks. Evidence could include screenshots of authentication monitoring dashboards, alert configurations from security tools, authentication logs with anomaly detection rules, or documentation of your incident response procedures for credential-based attacks.

Implementation Example

Monitor authentication attempts to identify attacks against credentials and unauthorized credential reuse

ID: DE.CM-09.286

Context

Function
DE: DETECT
Category
DE.CM: Continuous Monitoring
Sub-Category
Computing hardware and software, runtime environments, and their data are monitored to find potentially adverse events

ResponseHub is the product I wish I had when I was a CTO

Previously I was co-founder and CTO of Progression, a VC backed HR-tech startup used by some of the biggest names in tech.

As our sales grew, security questionnaires quickly became one of my biggest pain-points. They were confusing, hard to delegate and arrived like London busses - 3 at a time!

I'm building ResponseHub so that other teams don't have to go through this. Leave the security questionnaires to us so you can get back to closing deals, shipping product and building your team.

Signature
Neil Cameron
Founder, ResponseHub
Neil Cameron