Keeper high risk password detected for user

This rule is part of a beta feature. To learn more, contact Support.
keeper

Classification:

attack

Tactic:

TA0005-defense-evasion

Technique:

T1562-impair-defenses

Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.

Goal

Flag users with high-risk passwords stored in Keeper.

Strategy

This rule allows monitoring of events where Keeper has detected high risk password stored by user in Keeper.

Triage and response

  • Reach out to the user with email: {{@usr.email}} in enterprise id: {{@enterprise_id}}.
  • Ensure the user rotates the password on all accounts where they may have reused this password.
  • Ensure the user is aware of strong password guidelines.