How MDR Stopped a Credential Attack in 15 Minutes
See how At-Bay Stance MDR detected and contained a VPN credential attack in just 15 minutes, preventing network breach
The Threat
At 2:10 AM, attackers armed with stolen VPN credentials launched automated reconnaissance against 126 hosts through a compromised SonicWall LDAPS account. The threat actors were probing for vulnerabilities and planning their next move into the network.
Remediation Process
Our Managed Detection and Response (MDR) team detected the suspicious activity immediately and moved to contain the threat:
- 2:25 AM: Compromised account contained — just 15 minutes after initial detection
- Investigation confirmed credential abuse through VPN access
- Analysts engaged the client with clear remediation recommendations
We guided our client through critical hardening measures: resetting all VPN and firewall credentials and patching vulnerable appliances.
The Result
Zero managed systems accessed. The attackers never made it past the gate.
Our client took decisive action that same morning, implementing two-factor authentication on VPN access to permanently close the security gap. What could have been a major breach became a testament to the power of rapid detection and response. The result: strengthened perimeter defenses, hardened authentication, and an attack stopped before it could begin.
At-Bay Stance Managed Detection and Response
At-Bay Stance MDR protects your organization against modern threats like ransomware, financial fraud, phishing, and identity-based attacks with comprehensive endpoint, cloud, email, and identity security solutions.
At-Bay’s MDR experts help businesses stay secure and reduce cyber risk at a fraction of the cost and hassle of hiring an in-house team. It provides a layer of protection many businesses typically can’t afford, securing endpoints, email, identity, and cloud, at an accessible price.
*Response timelines differ. Past results do not guarantee future outcomes. This content is provided for information purposes only and is not intended to define any Policy commitment. No warranty is given or liability accepted regarding this information.
At-Bay Stance MDR is provided by At-Bay Security, LLC (“At-Bay Security”), and available to eligible businesses with or without an insurance policy placed through At-Bay Insurance Services, LLC. At-Bay Security, LLC is a wholly owned subsidiary of At-Bay, Inc., providing cybersecurity services including MDR and incident response. At-Bay Security, LLC does not provide insurance services.