Credential Access (Unsecured Credentials) Incident Response

By : 6clicks
This Incident Response Methodology is a cheat sheet dedicated to incident handlers investigating a precise security issue.
In stock

Details

This download includes the 6clicks Incident Response playbook for Password Spraying

The purpose of a Cyber Security Playbook, or Security Playbook, is to provide all members of an organisation with a clear understanding of their roles and responsibilities regarding cybersecurity – before, during and after a security incident.

Password Spraying is a variant of what is known as a brute force attack. In a traditional brute force attack, the perpetrator attempts to gain unauthorized access to a single account by guessing the password repeatedly in a very short period of time. Most organizations have employed countermeasures, commonly a lock-out after three to five attempts. In a Password Spraying attack, the attacker circumvents common countermeasures (e.g., account lockout) by “spraying” the same password across many accounts before trying another password.

Remember: If you face an incident, follow IRM, take notes, and do not panic. Contact your CERT immediately if needed.

6 steps are defined to handle security Incidents:

  • Preparation: get ready to handle the incident
  • Identification: detect the incident
  • Containment: limit the impact of the incident
  • Remediation: remove the threat
  • Recovery: recover to a normal stage
  • Aftermath: draw up and improve the process

Getting Started

Click "Book a demo" and our team will provide you with an overview of our content library within the 6clicks GRC platform.

More Information

More Information
Jurisdiction All
Type Playbook