Stolen credentials have been a persistent problem that organizations have yet to solve effectively. Every week, we hear about credential-stuffing attacks where a threat actor successfully steals credentials, logs in to the environment and moves laterally to gain higher-level access. All of these activities have a single focus: to access private data or high-value assets.
Exabeam is successfully helping organizations detect these activities through analytics, including mapping the activities to MITRE. This article details how Exabeam was able to help a specific customer detect instances of compromised credentials and lateral movement.