- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
Set up the salesforce integration.
Detect an account take over (ATO) through credential stuffing attack against a Salesforce account.
A credential stuffing attack is used to gain initial access by compromising user accounts.
The attacker obtains a list of compromised usernames and passwords from a previous user database breach, phishing attempt, or other means. Then, they use the list of username and passwords to attempt to login to accounts on your application.
It is common for an attacker to use multiple IP addresses to target your application in order to distribute the attack load for load balancing purposes, to make it more difficult to detect, or make it more difficult to block.
To determine a successful attempt: Detect a high number of failed logins from at least ten unique users and at least one successful login for a user within a period of time from the same IP address.
To determine an unsuccessful attempt: Detect a high number of failed logins from at least ten unique users within a period of time from the same IP address.