Rapid7

According to Verizon's well-regarded Data Breach Investigation Report (DBIR) of 2015, as well as virtually every penetration tester we've talked to over the last several years, the number one method used by attackers to both compromise and extend malicious control over an enterprise network is the use of compromised user credentials. At Rapid7, we couldn't agree more. Our penetration testers know the value of compromised user credentials: with over 850 penetration tests performed in 2015, our skilled contract pen-testers reach their goal nearly 100% of the time in internal assessments, often thanks to a purloined password.