DET0798 Detection of Hardcoded Credentials
| Item | Value |
|---|---|
| ID | DET0798 |
| Version | 1.0 |
| Created | 21 October 2025 |
| Last Modified | 21 October 2025 |
Technique Detected: T0891 (Hardcoded Credentials)
Analytics
ICS
AN1930
Monitor network traffic for hardcoded credential use in protocols that allow unencrypted authentication. Monitor logon sessions for hardcoded credential use, when feasible.
Log Sources
| Data Component | Name | Channel |
|---|---|---|
| Network Traffic Content (DC0085) | Network Traffic | None |
| Logon Session Creation (DC0067) | Logon Session | None |
Mutable Elements
| Field | Description |
|---|---|