1. Home
  2. ATT&CK Techniques
  3. T1110 Brute Force

T1110 Brute Force Mappings

Adversaries may use brute force techniques to gain access to accounts when passwords are unknown or when password hashes are obtained. Without knowledge of the password for an account or set of accounts, an adversary may systematically guess the password using a repetitive or iterative mechanism. Brute forcing passwords can take place via interaction with a service that will check the validity of those credentials or offline against previously acquired credential data, such as password hashes.

View in MITRE ATT&CK®

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
AC-2 Account Management Protects T1110 Brute Force
AC-20 Use of External Systems Protects T1110 Brute Force
AC-3 Access Enforcement Protects T1110 Brute Force
AC-5 Separation of Duties Protects T1110 Brute Force
AC-6 Least Privilege Protects T1110 Brute Force
AC-7 Unsuccessful Logon Attempts Protects T1110 Brute Force
CA-7 Continuous Monitoring Protects T1110 Brute Force
CM-2 Baseline Configuration Protects T1110 Brute Force
CM-6 Configuration Settings Protects T1110 Brute Force
IA-11 Re-authentication Protects T1110 Brute Force
IA-2 Identification and Authentication (organizational Users) Protects T1110 Brute Force
IA-4 Identifier Management Protects T1110 Brute Force
IA-5 Authenticator Management Protects T1110 Brute Force
SI-4 System Monitoring Protects T1110 Brute Force
azure_ad_identity_protection Azure AD Identity Protection technique_scores T1110 Brute Force
azure_ad_identity_protection Azure AD Identity Protection technique_scores T1110 Brute Force
alerts_for_windows_machines Alerts for Windows Machines technique_scores T1110 Brute Force
azure_security_center_recommendations Azure Security Center Recommendations technique_scores T1110 Brute Force
linux_auditd_alerts_and_log_analytics_agent_integration Linux auditd alerts and Log Analytics agent integration technique_scores T1110 Brute Force
azure_sentinel Azure Sentinel technique_scores T1110 Brute Force
azure_ad_password_policy Azure AD Password Policy technique_scores T1110 Brute Force
microsoft_defender_for_identity Microsoft Defender for Identity technique_scores T1110 Brute Force
azure_ad_multi-factor_authentication Azure AD Multi-Factor Authentication technique_scores T1110 Brute Force
azure_policy Azure Policy technique_scores T1110 Brute Force
azure_alerts_for_network_layer Azure Alerts for Network Layer technique_scores T1110 Brute Force
advanced_threat_protection_for_azure_sql_database Advanced Threat Protection for Azure SQL Database technique_scores T1110 Brute Force
conditional_access Conditional Access technique_scores T1110 Brute Force
cloud_app_security_policies Cloud App Security Policies technique_scores T1110 Brute Force
azure_ad_identity_secure_score Azure AD Identity Secure Score technique_scores T1110 Brute Force
azure_active_directory_password_protection Azure Active Directory Password Protection technique_scores T1110 Brute Force
just-in-time_vm_access Just-in-Time VM Access technique_scores T1110 Brute Force
passwordless_authentication Passwordless Authentication technique_scores T1110 Brute Force

ATT&CK Subtechniques

Technique ID Technique Name Number of Mappings
T1110.004 Credential Stuffing 29
T1110.002 Password Cracking 19
T1110.001 Password Guessing 30
T1110.003 Password Spraying 31