Top Questions During Onboarding

How will Credential Intelligence work?

  • Once the integration is up and running, every request with credentials (to a configured path which can include account creation, password change, and account login), will be checked against the collection
  • Once the credentials are deemed compromised, a response header will be sent in real-time to the enforcer with the value true

What is the collection comprised of?

  • The collection includes credentials that have been extracted from live credential stuffing attacks by threat actors against one or more of our customers. Since these pose a clear and present danger from global attacks and are in actual use by threat actors, they are reported as compromised
  • By default, all Credential Intelligence customers enjoy the network effect and access to the collection of real-time global attacks
  • The system will learn from targeted credential stuffing attacks only while Bot Defender is installed and tuned

What will I see once the integration is complete?

  • Compromised credential usage - traffic using identified compromised credentials will be flagged as such
  • The number of successful logins with compromised credentials, i.e. vulnerable accounts potentially already taken over, will be available

Did this page help you?