Authentication Fraud

Authentication Fraud

Low frequency authentication attacks, such as password spraying and credential stuffing, circumvent real-time authentication application business rules and batch analysis by log analysis/SIEM systems.

General IT

The Problem

Metered attacks that generate low volume log-in attempts, from diverse IPs and across extended time frames, are designed to avoid the "3 strikes in 24 hours" business rules in authentication applications and the more complex analysis of log analytics / SIEM platforms. Batch solutions by definition cannot react until after a compromise has occurred while all real-time solutions impose time windows -- any data falling outside these rolling windows, no matter how important, is simply not processed. Either way, that means important patterns are missed and attempts succeed before you can stop them.

The Solution

Quine's changes the status quo by continuously assessing newly arriving events for their match to all known attack patterns, including the identification and tracking of partial behavior matches across any time frame, and billions or trillions of users/devices/applications, until a behavior pattern is fully observed. Once an attack pattern is fully detected, events are generated immediately to trigger an investigation alert or an automated remediation workflow.

Quine's continuous analysis of event streams means there are not time windows to manage, and thus no windows for attackers to engineer their attacks around. And Quine provides this extended time frame of analysis without incurring the cost of SIEM solutions, sifting through data from multiple sources to find and store only the patterns that matter – in this case, the ones that indicate a low and slow attack is underway.

Key Value Delivered

  • Continuously track behavior patterns across billions/trillions of devices, users, and applications
  • Provide analyst a complete record of historical actions by user, device, or application
  • Operate on one domain/customer, or across domains/customers
  • Costs effective vs. log analysis / SIEM data store quotas

Read The Blog

Learn more about these low and slow password spray attacks and how Quine's streaming graph ETL offers an entirely new alternative to costly batch and limited real-time soluitions.

Next Steps