Credential Analysis
  • 26 Feb 2023
  • Dark
    Light

Credential Analysis

  • Dark
    Light

Article Summary

Here you will find a breakdown of all the compromised credentials detected. New credentials are ongoingly collected from targeted attacks Bot Defender detects. Credentials observed in attacks against HUMAN's network, credentials from previous targeted attacks, and credentials from ongoing breaches are flagged and shown as part of Credential Intelligence's collection.

Important terms

Targeted - credentials originating from targeted attacks are observed in attacks only against your app.

Network effect - credentials originating from the network effect were observed in attacks against others in the network.

Blocked by BD (newly collected) - credentials from malicious requests seen for the first time against this app. These are collected into Credential Intelligence for protection.

Blocked by BD and Flagged by CI (CI collection) - credentials from requests that Bot Defender blocked and flagged by Credential Intelligence.

Flagged by CI (CI collection) - credentials that Credential Intelligence flagged as compromised.

Blocked by BD (Excluded) - friction safeguard - credentials that were initially set by Bot Defender as compromised but were filtered by the Credential Intelligence cleaning process due to low confidence. These credentials will not be alerted if seen again unless they are seen in future attacks/breaches.

Login & Authentication requests timeline

Here you will find a timeline of all unique credentials observed at authentication endpoints.

Credential source pie

Here you will find a split of all compromised credentials detected, their source, and attack characteristics.

To read about Accounts Analysis, click here

Was this article helpful?