0 Replies Latest reply on May 2, 2016 1:49 PM by yassinezeroual

    DAM Use case 2: Database Protection “Brute Force Login”


      Database Protection “Brute Force Login”


        Installation of the McAfee DAM Sensor at the Database.

        Database monitoring configuration


      We need to simulate that a general user or hacker try to login into the database to get the password using tools or social engineering and after many failed logon we have a successful logon.

        He logs in to the core of the database server after a multiple failed login.

        McAfee DAM sends an alert.


        Note: McAfee DAM will look that many failed authentications followed by a successful authentication by the same user and same IP address.

         He we can also create a correlation rule at the McAfee SIEM that will detect the Bruce force attack.