Database Protection “Brute Force Login”
Installation of the McAfee DAM Sensor at the Database.
Database monitoring configuration
We need to simulate that a general user or hacker try to login into the database to get the password using tools or social engineering and after many failed logon we have a successful logon.
He logs in to the core of the database server after a multiple failed login.
McAfee DAM sends an alert.
Note: McAfee DAM will look that many failed authentications followed by a successful authentication by the same user and same IP address.
He we can also create a correlation rule at the McAfee SIEM that will detect the Bruce force attack.