Managed Sentinel – Alert 259

Alert IDMS-A259
Alert NameExcessive SSL VPN login failures - SonicWall
DescriptionThis alert identifies when a user account performs more than 10 failed logins to the VPN in 24 hours.
Severity LevelLow
Threat Indicator
MITRE ATT&CK TacticsCollection
CredentialAccess
Log sourcesSecurity Event
False Positives
Recommendations