Brute forcing passwords is a concept that's been around so long it almost feels like some relic of the past. But a recent T-Mobile data breach compromising the personal information of 54 million users serves as a reminder that this attack methodology can still lead to colossal damages today.

Brute force is an attack method involving repetitive attempts to guess a victim’s password. Hackers will try out various password combinations, hoping to hit on the right one. To do this, they typically use an automated brute force password-cracking software, and leverage botnets for the power they need to deploy the many password-cracking attempts. Brute Forcing helped attackers score some big breaches over the last decade, including Dunkin' Donuts (2015, 19K users money stolen, $650K lawsuit settlement costs), Alibaba (2016, 20M user accounts compromised), the Northern Irish Parliament (2018, parliament member e-mailboxes exposed), and many more. 

Having a web-focused cyber protection layer is an absolute must. ThreatSTOP is proud to partner with Amazon AWS to deliver managed rules for their Web Application Firewall (WAF) that protects web services from cyber attacks, including botnets and brute force. ThreatSTOP's cloud platform uses live, highly curated threat intelligence to enable enforcement points like the AWS WAF to end threats before they start, and prevent further communication with attacker networks. Say goodbye to brute force attacks and credential stuffing with ThreatSTOP's managed rules for the AWS WAF.

ThreatSTOP offers 4 managed rule sets for the AWS WAF:

  • ThreatSTOP - New and Active HTTP Threats
    The New and Active HTTP Threats Managed Rules for AWS WAF protects exposed services from a range of threats including SSH attacks, Brute Forcers, Crackers, Shellshock, Apache Server Attacks, and more. Multiple HTTP threat intel feeds are aggregated and analyzed for continuously updated protection. Check it out.

  • ThreatSTOP - New and Active Malicious Bots
    New and Active Bots identifies and blocks the attacker infrastructure hosting and controlling malicious Bots like Crawlers and Spiders that target your exposed services. The rules are dynamically updated using leading intelligence sources that have been curated by ThreatSTOP Security. Check it out.

  • ThreatSTOP - CoreThreats
    Our famous CoreThreats is built by aggregating and analyzing over 800 quality threat intelligence feeds, applying human and machine intelligence, then rapidly updating the managed rules to block threats and attacker infrastructure. CoreThreats stops a broad range of attacks with very high accuracy. Check it out.

  • ThreatSTOP - ITAR and OFAC
    Simplify compliance and security challenges by blocking inbound IP connections from ITAR and OFAC sanctioned countries, including Crimea. These managed rules track changes from the US State Department International Traffic in Arms Regulations, and the US Treasury Department Office of Foreign Asset Control. Check it out.


Try ThreatSTOP Managed Rules for the AWS WAF, and get Premium CheckIOC for Free!

See the CheckIOC Offer