Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Contributor

Looking for clarification on Threat Emulation Custom Password Configs

Jump to solution

We are looking to create a custom password list using the SK below based on intel and active threats we've seen.  What I'm having trouble understanding though is why we need to add phrases as well given that threat emulation already knows what inbound emails to look at based on the extensions you have defined.  What value do we get out of this?

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

0 Kudos
1 Solution

Accepted Solutions
Highlighted
Admin
Admin
The phrases are keywords that might indicate a password is encoded in the email for an end user to type in to decrypt the file.

View solution in original post

0 Kudos
1 Reply
Highlighted
Admin
Admin
The phrases are keywords that might indicate a password is encoded in the email for an end user to type in to decrypt the file.

View solution in original post

0 Kudos