Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.
Training Camp • Cybersecurity Glossary
Identity-based attacks abuse stolen credentials, tokens, and identity systems to log in as legitimate users, evading detection and bypassing traditional defenses.
Identity-Based Attack Definition: Identity-based attacks abuse stolen credentials, tokens, and identity systems to log in as legitimate users, evading detection and bypassing traditional defenses.
An identity-based attack is an intrusion that abuses legitimate credentials, tokens, or identity infrastructure rather than exploiting software vulnerabilities, allowing adversaries to log in instead of break in. Common techniques include credential theft, phishing, pass-the-hash, pass-the-ticket, MFA fatigue, and abuse of cloud identity providers. Because the activity uses valid accounts, it often blends with normal user behavior and evades signature-based detection, driving demand for identity threat detection and response (ITDR).
Turn knowledge into credentials with our instructor-led cybersecurity boot camps.
View All Courses →