LetsDefend Monitoring Alert

Successful Login from Same IP Address Detected after Multiple Failed Login Attempts

May, 10, 2023, 06:45 AM

Event ID: 145

Event Time: May, 10, 2023, 06:45 AM

Rule Name: SOC195 - Successful Login from Same IP Address Detected after Multiple Failed Login Attempts

Alert Type: Brute Force

MITRE Technique:
T1110 - Credential Access - Brute Force
T1586 - Resource Development - Compromise Accounts
T1078.002 - Initial Access - Valid Accounts: Domain Accounts

Severity: Medium

Incident Responder
