TRENDING:

Identity & Access Management , Security Operations , Video

Cracking the Problem of Credential Stuffing

Experts Urge Firms to Take a Holistic Approach to Ending Credential Stuffing Risks Suparna Goswami (gsuparna) • November 18, 2022    
Navaneethan M., CISO, Groww, and Sanjay Singh, head of DevSecOps, Games24x7

Why is credential stuffing hard to solve? Are weak passwords the only reason behind credential-stuffing attacks? Experts Sanjay Singh, head of DevSecOps at gaming company Games24x7, and Navaneethan M., CISO at Groww, explain how geo-based authentication, user behavior analytics and AI can detect breaches.

See Also: OnDemand | Overcoming the Limitations of Addressing Insider Threat in Banking: Real Solutions for Real Security Challenges

Navaneethan says weak passwords aren't the main problem these days. "In case of weak passwords, if I do a brute force attack, it is more than enough, but it is no longer just about weak passwords but weak systems and whatever ecosystems the weak systems are connected to," says Navaneethan. "Companies are now looking at geo-based authentication and user behavior to authenticate."

Aside from a passwordless approach, Singh says, companies should continuously monitor systems 24/7. "The moment I find any anomaly, I have that information detected," Singh says. "Having AI- and ML-based monitoring will be helpful."

In this video interview with Information Security Media Group, Singh and Navaneethan discuss:

  • How credential stuffing attacks have grown this year;
  • Strategies for improving detection of credential stuffing attacks;
  • The benefits of multifactor authentication.

Singh, who leads DevSecOps at Games24X7, drives cloud optimization, information security and DevOps practices in his organization.

Navaneethan, who leads security and IT at fintech company Groww, is experienced in CISO/CIO operations, strategic cybersecurity account management, enterprise security and risk management.

Previous
Australia Unveils Plan to Counter Global Cybercrime Problem
Next
Responding to and Decoding the Ransomware Menace

About the Author

Suparna Goswami

Suparna Goswami

Associate Editor, ISMG

Goswami has more than 10 years of experience in the field of journalism. She has covered a variety of beats including global macro economy, fintech, startups and other business trends. Before joining ISMG, she contributed for Forbes Asia, where she wrote about the Indian startup ecosystem. She has also worked with UK-based International Finance Magazine and leading Indian newspapers, such as DNA and Times of India.



Around the Network

Mapping Access - and Attack - Paths in Active Directory
Mapping Access - and Attack - Paths in Active Directory
Good Governance: 'It's All Hygiene'
Good Governance: 'It's All Hygiene'
How State Governments Can Regulate AI and Protect Privacy
How State Governments Can Regulate AI and Protect Privacy
Getting a Tighter Grip on Vendor Security Risk in Healthcare
Getting a Tighter Grip on Vendor Security Risk in Healthcare
Stopping Cloud Workload Attacks
Stopping Cloud Workload Attacks
Joe Sullivan on What CISOs Need to Know About the Uber Trial
Joe Sullivan on What CISOs Need to Know About the Uber Trial
How AI Can Help Speed Up Physician Credentialing Chores
How AI Can Help Speed Up Physician Credentialing Chores
AI in Healthcare: The Growing Promise - and Potential Risks
AI in Healthcare: The Growing Promise - and Potential Risks
Why Hospitals Should Beware of Malicious AI Use
Why Hospitals Should Beware of Malicious AI Use
How Biden's AI Executive Order Will Affect Healthcare
How Biden's AI Executive Order Will Affect Healthcare

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.