Detecting Credential Abuse - Core Concepts and Challenges

Explore a comprehensive conference talk on detecting credential abuse presented at BSidesLV's PasswordsCon. Delve into the critical importance of credentials for attackers and the challenges defenders face in identifying unauthorized access. Learn about core detection concepts, including useful patterns, the Impossible Travel problem, and credential binding violations. Examine the value of logs in credential abuse detection and prevention strategies. Discuss trade-offs in security controls, challenges in identifying threats, and the importance of considering user experience when implementing security measures. Gain insights from speakers Troy Defty and Kathy Zhu on protecting systems from credential-based attacks and improving overall cybersecurity posture.