Credential Compromise

Credential Compromise

Prevention and Mitigation

Credential compromise and account takeover is at the heart of today’s most damaging cyber attacks and breaches. The attacker’s strategy is to compromise an individual user or account, and then use the privileges of that account to move laterally into the network and compromise additional users, devices, and accounts.

Preempt puts a stop to this strategy by automatically identifying accounts and devices that are compromised, stopping lateral movement using compromised credentials, and the ability to dynamically challenge any suspicious or risky behavior without getting in the way of valid user activity.

Identify Compromised Users, Accounts, and Devices

  • Continually analyze behavior of all entities across all authentication and access platforms
  • Identify risky users, groups and departments with robust Risk Scores
  • Automatically recognize when user, service account, or device has been compromised
  • Challenge risky behavior in real-time to confirm a valid identity or preempt an attacker attempting to access sensitive resources

Protection From Lateral Movement Tools and Techniques

  • Protection from hacker tools used to automatically harvest and reuse account credentials
  • Detect and block tools like Mimikatz
  • Prevent Pass-the-Hash techniques or Pass-the-Ticket against Kerberos
  • Stop relay attacks
  • Gain visibility and control over insecure protocols like NTLM and RPC

Adaptively Challenge and Respond

  • Go beyond simply alerting on anomalies and use tools like MFA to verify identity in real time
  • Real-time threat response when potential account compromise or takeover is detected
  • Adaptive action based on identity, behavior and risk

Request a live demo now!

Sign up for a demo to see how the Preempt Platform can help your organization prevent breaches and improve your enterprise security.

Request A Demo