Credential Access (Unsecured Credentials) Incident Response
Details
This download includes the 6clicks Incident Response playbook for Password Spraying
The purpose of a Cyber Security Playbook, or Security Playbook, is to provide all members of an organisation with a clear understanding of their roles and responsibilities regarding cybersecurity – before, during and after a security incident.
Password Spraying is a variant of what is known as a brute force attack. In a traditional brute force attack, the perpetrator attempts to gain unauthorized access to a single account by guessing the password repeatedly in a very short period of time. Most organizations have employed countermeasures, commonly a lock-out after three to five attempts. In a Password Spraying attack, the attacker circumvents common countermeasures (e.g., account lockout) by “spraying” the same password across many accounts before trying another password.
Remember: If you face an incident, follow IRM, take notes, and do not panic. Contact your CERT immediately if needed.
6 steps are defined to handle security Incidents:
- Preparation: get ready to handle the incident
- Identification: detect the incident
- Containment: limit the impact of the incident
- Remediation: remove the threat
- Recovery: recover to a normal stage
- Aftermath: draw up and improve the process
Getting Started
Click "Book a demo" and our team will provide you with an overview of our content library within the 6clicks GRC platform.More Information
Jurisdiction | All |
---|---|
Type | Playbook |