LetsDefend Monitoring Alert

Multiple User Login Failures Detected on Same Machine

Dec, 26, 2023, 01:14 AM

Event ID: 213

Event Time: Dec, 26, 2023, 01:14 AM

Rule Name: SOC177 - Multiple User Login Failures Detected on Same Machine

Alert Type: Brute Force

MITRE Technique:
T1110 - Credential Access - Brute Force,
T1586 - Resource Development - Compromise Accounts,
T1133 - Initial Access - External Remote Services,
T1597.001 - Reconnaissance - Search Closed Sources: Threat Intel Vendors

Severity: Low

Incident Responder
