Credential Attacks

password screen on tablet

Attackers don’t hack in, they log in.

Attackers usually don’t have to hack into your systems like in the movies; oftentimes, they log into your systems like valid users using credential attacks.
What are credential attacks?
Phishing Icon

Attackers collect usernames

Key inside computer chip - Line icon

Exploit poor password policies to obtain domain user credentials


Leverage misconfigurations to elevate privileges to domain administrator


…where they end up with the keys to the kingdom.

Credential Attack Path Graphic

Why fix vulnerabilities that can’t be exploited?

Most vulnerabilities found by vulnerability scanners cannot be exploited or are difficult and impractical to exploit; yet your teams spend precious time fixing these issues. Meanwhile, ransomware attackers are finding ways to chain together harvested credentials, misconfigurations, and dangerous product defaults to compromise your systems.

Continuous pentesting as a sparring partner - two boxers sparring

Credential attacks are a critical enabler for ransomware, and they have cost businesses over $10B in the past 5 years.

Watch this Tech Talk: The Password Pandemic to learn more.

Headshot of Snehal Antani

Anthony Pillitiere
CTO & Co-Founder

Headshot of Naveen Sunkavalley

Naveen Sunkavally
Chief Architect

Headshot of Monti Knode

Monti Knode
Director of Customer
& Partner Success

Headshot of Snehal Antani

Zach Hanley
Senior Engineer