Vulnerabilities and exploits grab headlines, attention, and bounties, but it's the boring old compromised credential that makes the job of hacking possible and profitable for intruders on a daily basis. At Rapid7, we know this from both sides of the attack. Our security consultants run about 500 penetration tests a year and get in nearly 100% of the time in internal assessments. Our incident responders see real-life attacks on networks every day, following cyber-criminals and state actors with every step. What both of them, and many industry research reports agree on, is that there is one attack method that works nearly everywhere: compromised credentials.

Join Tod Beardsley, Research Manager at Rapid7, as he explores the monitoring of unusual account behavior, including:

• What distinct types of user accounts are seen on modern enterprise networks
• The pervasive use of cloud services
• How mobile device usage comes into play