The most recent content from our members.
Hi, I'm familiar with the "Continuous Excessive Logon Failure" rule/template. That's great but, I want a little more. What I want to be able to do is create a rule for when a brute force attack is successful. Let's say an account triggered the "Continuous Excessive Logon Failure" rule, repeatedly. So email alerts are sent…
Is there any default rule in LEM to detect below attacks? If not with default, How can we create custom rules for them? BruteForce Attack Directory Harvesting Attack InValid TCP Traffic
It looks like you're new here. Sign in or register to get started.