Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
Detects 3+ failed actions against an account followed by a success in a short window, indicating brute-force or credential guessing.
| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | CyberArkAudit |
| ID | bdf3cf98-d64f-4c55-97e4-43483d6d3237 |
| Severity | Medium |
| Kind | Scheduled |
| Tactics | CredentialAccess |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
CyberArk_AuditEvents_CL |
? | ✓ | ? |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊