- Product
Product Overview
Sophisticated security with unmatched simplicityCloud SIEM
Pre-configured detections across your environmentHoneypots
Deception technology to detect lateral movementEndpoint Visibility
Real-time monitoring with added detection & responseSecurity Reports
Data visualizations, compliance reports, and executive summariesAutomated Response
Detect, prioritize, and neutralize threats around the clockIntegrations
Cloud, on-prem, and open API connectionsXDR Platform
A complete view to identify risk, and things operational
- Pricing
- Why Blumira
Why Blumira
The Security Operations platform IT teams loveWatch A Demo
See Blumira in action and how it builds operational resilienceUse Cases
A unified security solution for every challengePricing
Unlimited data and predictable pricing structureCompany
Our human-centered approach to cybersecurityCompare Blumira
Find out how Blumira stacks up to similar security toolsIntegrations
Cloud, on-prem, and open API connectionsCustomer Stories
Learn how others like you found success with Blumira
- Solutions
- Partners
- Resources
Password Spraying
Password spraying is a variant of a brute-force attack method that takes a large number of usernames and loops them with a single password, applying that to multiple accounts over a period of time to gain access into an environment.
Threat actors commonly start by using this technique on VPNs, cloud services and other applications. Once in an environment, threat actors might also perform password spraying to get access to other accounts and move laterally.
How To Prevent Password Spraying
The most effective way to prevent password spraying is by using two-factor or multifactor authentication.
Organizations can also monitor for persistence use — attempting to log in to multiple accounts via the same IP address — via their identity platforms. For Windows hosts, it’s important to also enable more robust logging capabilities to get visibility into password spraying attacks.
A dynamic blocklist can stop an attack in its early stages by automatically block IP addresses that are attempting to perform password spraying.
Video Player
00:00
01:25
How To Remediate a Password Spraying Attack
To remediate an attack, IT should revoke the credential and issue a new credential or password, and rotate out the multifactor authentication token.