2:I[6932,["315","static/chunks/e087448e-2f2367f04faea473.js","540","static/chunks/6661209f-4ce31348cb1cca42.js","583","static/chunks/a594442f-578284994623e810.js","828","static/chunks/e507d130-01257d78ed09c0fc.js","812","static/chunks/812-46786ddcee160b75.js","919","static/chunks/919-8103c6c91f8facdc.js","500","static/chunks/500-1193d1955921814f.js","932","static/chunks/932-80b4ddcdfe5a178a.js","295","static/chunks/295-f7f3d8d607bc3e19.js","330","static/chunks/app/customer-stories/%5Bslug%5D/page-0e9a8b9220207755.js"],"default"]
3:I[3500,["315","static/chunks/e087448e-2f2367f04faea473.js","540","static/chunks/6661209f-4ce31348cb1cca42.js","583","static/chunks/a594442f-578284994623e810.js","828","static/chunks/e507d130-01257d78ed09c0fc.js","812","static/chunks/812-46786ddcee160b75.js","919","static/chunks/919-8103c6c91f8facdc.js","500","static/chunks/500-1193d1955921814f.js","932","static/chunks/932-80b4ddcdfe5a178a.js","295","static/chunks/295-f7f3d8d607bc3e19.js","330","static/chunks/app/customer-stories/%5Bslug%5D/page-0e9a8b9220207755.js"],""]
5:I[9812,["315","static/chunks/e087448e-2f2367f04faea473.js","540","static/chunks/6661209f-4ce31348cb1cca42.js","583","static/chunks/a594442f-578284994623e810.js","828","static/chunks/e507d130-01257d78ed09c0fc.js","812","static/chunks/812-46786ddcee160b75.js","919","static/chunks/919-8103c6c91f8facdc.js","500","static/chunks/500-1193d1955921814f.js","932","static/chunks/932-80b4ddcdfe5a178a.js","295","static/chunks/295-f7f3d8d607bc3e19.js","330","static/chunks/app/customer-stories/%5Bslug%5D/page-0e9a8b9220207755.js"],""]
6:I[1160,["315","static/chunks/e087448e-2f2367f04faea473.js","540","static/chunks/6661209f-4ce31348cb1cca42.js","583","static/chunks/a594442f-578284994623e810.js","828","static/chunks/e507d130-01257d78ed09c0fc.js","812","static/chunks/812-46786ddcee160b75.js","919","static/chunks/919-8103c6c91f8facdc.js","500","static/chunks/500-1193d1955921814f.js","932","static/chunks/932-80b4ddcdfe5a178a.js","295","static/chunks/295-f7f3d8d607bc3e19.js","330","static/chunks/app/customer-stories/%5Bslug%5D/page-0e9a8b9220207755.js"],"default"]
7:I[5750,["315","static/chunks/e087448e-2f2367f04faea473.js","540","static/chunks/6661209f-4ce31348cb1cca42.js","583","static/chunks/a594442f-578284994623e810.js","828","static/chunks/e507d130-01257d78ed09c0fc.js","812","static/chunks/812-46786ddcee160b75.js","919","static/chunks/919-8103c6c91f8facdc.js","500","static/chunks/500-1193d1955921814f.js","932","static/chunks/932-80b4ddcdfe5a178a.js","295","static/chunks/295-f7f3d8d607bc3e19.js","330","static/chunks/app/customer-stories/%5Bslug%5D/page-0e9a8b9220207755.js"],"Image"]
8:I[6731,[],""]
a:I[2923,[],""]
c:I[5960,["500","static/chunks/500-1193d1955921814f.js","185","static/chunks/app/layout-aefed4accc7284b3.js"],"ThemeProvider"]
4:T7a1,[{"@context":"https://schema.org","@type":"Article","headline":"Catching a helpdesk brute-force compromise before it became a company-wide breach","description":"A regional IT services provider exposed its ServiceDesk login without rate limits. Unit6 spotted the shift from brute-force to successful use, shut it down, and rebuilt access controls.","url":"https://unit6tech.com/customer-stories/helpdesk-bruteforce","mainEntityOfPage":"https://unit6tech.com/customer-stories/helpdesk-bruteforce","image":"https://unit6tech.com/images/unit6-cover.webp","author":{"@type":"Organization","name":"Unit6"},"publisher":{"@type":"Organization","name":"Unit6"},"articleSection":"IT services / systems integrator | Middle East","articleBody":"An internet-facing ServiceDesk login with shared password patterns drew a burst of authentication attempts. Watcher Network telemetry showed the moment attackers moved from guessing to authenticated exploration. Concentrated brute-force activity against the ServiceDesk login page. Follow-on human-driven interactions indicating at least one successful credential guess. Post-login behavior mixing automated enumeration and manual exploration. Creation, modification, or deletion of tickets to obscure attacker actions. Resetting passwords or granting access to other systems via IT workflows. Access to internal incident history, infrastructure inventories, and employee details. Impersonation of IT to phish employees or pivot into customer environments."},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://unit6tech.com/"},{"@type":"ListItem","position":2,"name":"Customer stories","item":"https://unit6tech.com/customer-stories"},{"@type":"ListItem","position":3,"name":"Catching a helpdesk brute-force compromise before it became a company-wide breach","item":"https://unit6tech.com/customer-stories/helpdesk-bruteforce"}]}]9:["slug","helpdesk-bruteforce","d"]
b:T40e,[{"@context":"https://schema.org","@type":"Organization","@id":"https://unit6tech.com/#organization","name":"Unit6","url":"https://unit6tech.com","logo":{"@type":"ImageObject","url":"https://unit6tech.com/favicon.ico"},"description":"Unit6 turns adversary plans into foresight you can act on — decoding infrastructure, staging boxes, and recon chatter so you can stop attacks before they start.","sameAs":["https://www.linkedin.com/company/unit6tech"]},{"@context":"https://schema.org","@type":"WebSite","@id":"https://unit6tech.com/#website","url":"https://unit6tech.com","name":"Unit6: The Preventive Intelligence Company","description":"Unit6 turns adversary plans into foresight you can act on — decoding infrastructure, staging boxes, and recon chatter so you can stop attacks before they start.","publisher":{"@id":"https://unit6tech.com/#organization"},"inLanguage":"en","potentialAction":{"@type":"SearchAction","target":"https://unit6tech.com/search?q={search_term_string}","query-input":"required name=search_term_string"}}]0:["bunrciYijO3DOgSF60x8R",[[["",{"children":["customer-stories",{"children":[["slug","helpdesk-bruteforce","d"],{"children":["__PAGE__?{\"slug\":\"helpdesk-bruteforce\"}",{}]}]}]},"$undefined","$undefined",true],["",{"children":["customer-stories",{"children":[["slug","helpdesk-bruteforce","d"],{"children":["__PAGE__",{},[["$L1",["$","div",null,{"className":"relative min-h-screen overflow-hidden bg-gradient-to-b from-slate-50 via-white to-sky-50 text-slate-900 dark:from-[#03030c] dark:via-[#05031a] dark:to-[#010108] dark:text-white","children":[["$","div",null,{"className":"pointer-events-none absolute inset-0","children":[["$","div",null,{"className":"absolute -top-20 left-1/2 h-[560px] w-[560px] -translate-x-1/2 rounded-full bg-sky-500/20 blur-[220px]"}],["$","div",null,{"className":"absolute inset-y-0 right-0 h-full w-1/2 bg-gradient-to-l from-indigo-500/10 via-transparent to-transparent blur-[220px]"}],["$","div",null,{"className":"absolute bottom-0 left-0 h-[420px] w-[420px] rounded-full bg-emerald-400/10 blur-[180px]"}]]}],["$","$L2",null,{}],["$","main",null,{"className":"relative z-10 mx-auto flex w-full max-w-5xl flex-col gap-16 px-6 pb-24 pt-32 lg:px-0","children":[["$","$L3",null,{"id":"customer-story-jsonld-helpdesk-bruteforce","type":"application/ld+json","strategy":"beforeInteractive","children":"$4"}],["$","section",null,{"className":"space-y-4","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-slate-500 dark:text-slate-400","children":"Customer story"}],["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"IT services / systems integrator"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Middle East"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Anonymized"}]]}],["$","h1",null,{"className":"text-4xl font-semibold leading-tight text-slate-900 dark:text-white md:text-5xl","children":"Catching a helpdesk brute-force compromise before it became a company-wide breach"}],["$","p",null,{"className":"text-lg font-semibold text-slate-700 dark:text-slate-200","children":"A regional IT services provider exposed its ServiceDesk login without rate limits. Unit6 spotted the shift from brute-force to successful use, shut it down, and rebuilt access controls."}],["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-300","children":[["$","span","T1110.001",{"className":"rounded-full border border-slate-200 bg-white px-3 py-1 dark:border-white/20 dark:bg-white/10","children":["MITRE ","T1110.001"]}],["$","span","T1078",{"className":"rounded-full border border-slate-200 bg-white px-3 py-1 dark:border-white/20 dark:bg-white/10","children":["MITRE ","T1078"]}],["$","span","T1556.001",{"className":"rounded-full border border-slate-200 bg-white px-3 py-1 dark:border-white/20 dark:bg-white/10","children":["MITRE ","T1556.001"]}]]}],["$","div",null,{"className":"flex flex-wrap gap-4","children":[["$","$L5",null,{"href":"/book-a-demo","className":"w-full sm:w-auto rounded-full border border-transparent bg-gradient-to-r from-primary via-sky-500 to-pink-500 px-6 py-3 text-sm font-semibold text-white shadow-[0_15px_45px_rgba(14,165,233,0.35)] transition hover:scale-[1.02] hover:shadow-[0_25px_70px_rgba(236,72,153,0.35)]","children":"Book a demo"}],["$","$L5",null,{"href":"/platform","className":"w-full sm:w-auto rounded-full border border-slate-200 bg-white px-6 py-3 text-sm font-semibold text-slate-900 shadow-sm transition hover:border-slate-300 hover:bg-white/90 dark:border-white/20 dark:bg-white/5 dark:text-white dark:hover:border-white/40 dark:hover:bg-white/10","children":"Explore the platform"}]]}]]}],["$","section",null,{"className":"grid gap-6 lg:grid-cols-2","children":[["$","article",null,{"className":"rounded-3xl border border-slate-200 bg-white p-6 shadow-sm dark:border-white/10 dark:bg-white/5","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-slate-500 dark:text-slate-400","children":"The situation"}],["$","p",null,{"className":"mt-3 text-base text-slate-600 dark:text-slate-300","children":"An internet-facing ServiceDesk login with shared password patterns drew a burst of authentication attempts. Watcher Network telemetry showed the moment attackers moved from guessing to authenticated exploration."}],["$","div",null,{"className":"mt-4 space-y-3","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-slate-500 dark:text-slate-400","children":"What Unit6 detected"}],["$","ul",null,{"className":"space-y-2 text-sm text-slate-600 dark:text-slate-200","children":[["$","li","Concentrated brute-force activity against the ServiceDesk login page.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-sky-400"}],["$","span",null,{"children":"Concentrated brute-force activity against the ServiceDesk login page."}]]}],["$","li","Follow-on human-driven interactions indicating at least one successful credential guess.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-sky-400"}],["$","span",null,{"children":"Follow-on human-driven interactions indicating at least one successful credential guess."}]]}],["$","li","Post-login behavior mixing automated enumeration and manual exploration.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-sky-400"}],["$","span",null,{"children":"Post-login behavior mixing automated enumeration and manual exploration."}]]}]]}]]}]]}],["$","article",null,{"className":"rounded-3xl border border-slate-200 bg-white p-6 shadow-sm dark:border-white/10 dark:bg-black/40","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-slate-500 dark:text-slate-400","children":"Why it mattered"}],["$","ul",null,{"className":"mt-3 space-y-2 text-base text-slate-600 dark:text-slate-200","children":[["$","li","Creation, modification, or deletion of tickets to obscure attacker actions.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"Creation, modification, or deletion of tickets to obscure attacker actions."}]]}],["$","li","Resetting passwords or granting access to other systems via IT workflows.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"Resetting passwords or granting access to other systems via IT workflows."}]]}],["$","li","Access to internal incident history, infrastructure inventories, and employee details.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"Access to internal incident history, infrastructure inventories, and employee details."}]]}],["$","li","Impersonation of IT to phish employees or pivot into customer environments.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"Impersonation of IT to phish employees or pivot into customer environments."}]]}]]}]]}]]}],["$","section",null,{"className":"grid gap-6 lg:grid-cols-[1.15fr_0.85fr]","children":[["$","article",null,{"className":"space-y-4 rounded-[28px] border border-slate-200 bg-white p-7 shadow-sm dark:border-white/10 dark:bg-white/5","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-slate-500 dark:text-slate-400","children":"What Unit6 did"}],["$","div",null,{"className":"space-y-4","children":[["$","div","Immediate containment",{"className":"rounded-2xl border border-slate-200/80 bg-white/70 p-5 shadow-sm dark:border-white/10 dark:bg-black/30","children":[["$","p",null,{"className":"text-sm font-semibold text-slate-900 dark:text-white","children":"Immediate containment"}],["$","ul",null,{"className":"mt-2 space-y-1.5 text-sm text-slate-600 dark:text-slate-200","children":[["$","li","Recommended disabling external access to the ServiceDesk login panel.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Recommended disabling external access to the ServiceDesk login panel."}]]}],["$","li","Revoked active sessions and forced password resets, prioritizing admins.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Revoked active sessions and forced password resets, prioritizing admins."}]]}]]}]]}],["$","div","Compromise assessment",{"className":"rounded-2xl border border-slate-200/80 bg-white/70 p-5 shadow-sm dark:border-white/10 dark:bg-black/30","children":[["$","p",null,{"className":"text-sm font-semibold text-slate-900 dark:text-white","children":"Compromise assessment"}],["$","ul",null,{"className":"mt-2 space-y-1.5 text-sm text-slate-600 dark:text-slate-200","children":[["$","li","Reviewed login and application logs around the attack window.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Reviewed login and application logs around the attack window."}]]}],["$","li","Focused on new tickets, privilege changes, and password-reset actions.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Focused on new tickets, privilege changes, and password-reset actions."}]]}]]}]]}],["$","div","Authentication and access control uplift",{"className":"rounded-2xl border border-slate-200/80 bg-white/70 p-5 shadow-sm dark:border-white/10 dark:bg-black/30","children":[["$","p",null,{"className":"text-sm font-semibold text-slate-900 dark:text-white","children":"Authentication and access control uplift"}],["$","ul",null,{"className":"mt-2 space-y-1.5 text-sm text-slate-600 dark:text-slate-200","children":[["$","li","Introduced MFA and IP allowlisting for ServiceDesk users and admins.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Introduced MFA and IP allowlisting for ServiceDesk users and admins."}]]}],["$","li","Implemented rate limiting, CAPTCHA, and detection for repeated failed logins.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Implemented rate limiting, CAPTCHA, and detection for repeated failed logins."}]]}]]}]]}],["$","div","Threat hunting and follow-on defenses",{"className":"rounded-2xl border border-slate-200/80 bg-white/70 p-5 shadow-sm dark:border-white/10 dark:bg-black/30","children":[["$","p",null,{"className":"text-sm font-semibold text-slate-900 dark:text-white","children":"Threat hunting and follow-on defenses"}],["$","ul",null,{"className":"mt-2 space-y-1.5 text-sm text-slate-600 dark:text-slate-200","children":[["$","li","Searched for new accounts, anomalous tickets, or configuration changes seeded by attackers.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Searched for new accounts, anomalous tickets, or configuration changes seeded by attackers."}]]}],["$","li","Correlated attacker infrastructure with other Unit6 customers for fleet-wide protections.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Correlated attacker infrastructure with other Unit6 customers for fleet-wide protections."}]]}]]}]]}]]}]]}],["$","div",null,{"className":"grid gap-4 md:grid-cols-2 lg:grid-cols-1","children":[["$","article",null,{"className":"rounded-2xl border border-slate-200 bg-white p-5 shadow-sm dark:border-white/10 dark:bg-black/40","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-slate-500 dark:text-slate-400","children":"Outcome"}],["$","ul",null,{"className":"mt-3 space-y-2 text-sm text-slate-600 dark:text-slate-200","children":[["$","li","Compromise window narrowed with no evidence of large-scale lateral movement or customer impact.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"Compromise window narrowed with no evidence of large-scale lateral movement or customer impact."}]]}],["$","li","ServiceDesk elevated from exposed target to strongly authenticated, monitored system.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"ServiceDesk elevated from exposed target to strongly authenticated, monitored system."}]]}],["$","li","Client showed customers they detected and contained an attack before broader incident.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"Client showed customers they detected and contained an attack before broader incident."}]]}]]}]]}],["$","article",null,{"className":"rounded-2xl border border-slate-200 bg-gradient-to-br from-slate-900 via-slate-800 to-slate-900 p-5 text-white shadow-[0_18px_70px_rgba(2,6,23,0.35)] dark:border-white/10 dark:from-[#070b20] dark:via-[#050317] dark:to-[#070b20]","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-white/60","children":"Unit6 edge"}],["$","ul",null,{"className":"mt-3 space-y-2 text-sm text-white/80","children":[["$","li","Ability to separate background brute force from true compromise based on behavioral shifts.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-cyan-300"}],["$","span",null,{"children":"Ability to separate background brute force from true compromise based on behavioral shifts."}]]}],["$","li","Stepwise guidance security and IT operations could implement immediately.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-cyan-300"}],["$","span",null,{"children":"Stepwise guidance security and IT operations could implement immediately."}]]}],["$","li","Use of Watcher Network intelligence to track attacker infrastructure across tenants.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-cyan-300"}],["$","span",null,{"children":"Use of Watcher Network intelligence to track attacker infrastructure across tenants."}]]}]]}]]}]]}]]}],["$","section",null,{"className":"rounded-[32px] border border-slate-200 bg-white p-8 shadow-sm shadow-slate-200 dark:border-white/10 dark:bg-white/5","children":[["$","div",null,{"className":"flex flex-col gap-4 md:flex-row md:items-center md:justify-between","children":[["$","div",null,{"children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-slate-500 dark:text-slate-400","children":"Browse other stories"}],["$","h2",null,{"className":"mt-2 text-2xl font-semibold text-slate-900 dark:text-white","children":"See more anonymized wins"}]]}],["$","$L5",null,{"href":"/customer-stories","className":"inline-flex items-center justify-center rounded-full border border-slate-200 px-6 py-3 text-sm font-semibold text-slate-900 shadow-sm transition hover:border-slate-300 hover:bg-white dark:border-white/20 dark:text-white dark:hover:border-white/30 dark:hover:bg-white/10","children":"Back to all stories"}]]}],["$","div",null,{"className":"mt-6 grid gap-4 md:grid-cols-2","children":[["$","$L5","industrial-ot-saas",{"href":"/customer-stories/industrial-ot-saas","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Specialty chemicals / industrial manufacturing"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"North America & Europe"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Stopping a nation-state from reaching industrial OT via a SaaS monitoring platform"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"An East Asia-aligned actor used stolen credentials to access an OT monitoring SaaS. Unit6 cut the access path and rebuilt controls before the adversary could reach production lines."}]]}],["$","$L5","healthcare-mfa-bypass",{"href":"/customer-stories/healthcare-mfa-bypass","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Healthcare / hospital system"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"North America"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Preventing ransomware by catching an MFA bypass against a healthcare claims portal"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"A ransomware-linked actor marketed access to a children’s hospital claims portal, including the MFA secret. Unit6 shut down the identity and drove phishing-resistant controls before patient data was touched."}]]}],["$","$L5","bpo-campaign",{"href":"/customer-stories/bpo-campaign","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Outsourcing / workforce management / BPO"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"EMEA"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Exposing a multi-actor campaign against HR, payroll, and internal portals"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"Multiple actor clusters targeted an outsourcing firm’s kiosk, HR, and payroll surfaces simultaneously. Unit6 treated it as one campaign, closing credential abuse and hardening exposed services quickly."}]]}],["$","$L5","satcom-bruteforce",{"href":"/customer-stories/satcom-bruteforce","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Satellite communications"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Global"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Catching a nation-state’s brute-force campaign against a global satellite operator"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"A Chinese-directed cluster brute-forced internal support portals for a satellite operator and took over accounts. Unit6 surfaced the compromise and rebuilt authentication before operations were touched."}]]}],["$","$L5","fintech-ai-bruteforce",{"href":"/customer-stories/fintech-ai-bruteforce","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Fintech / payments processing"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Global"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Detecting AI-powered brute forcing against a fintech customer portal"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"AI-augmented actors brute-forced and sprayed a payments portal, taking over customer accounts. Unit6 cut off access, drove mandatory MFA, and hardened defenses against adaptive attacks."}]]}],["$","$L5","aviation-iab-warning",{"href":"/customer-stories/aviation-iab-warning","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Aerospace & aviation communications"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Global"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Early warning on initial access broker claims against aviation messaging systems"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"Unit6 spotted a broker selling access to an aviation messaging platform before abuse began. Accounts and endpoints were hardened and a rapid-response plan put in place."}]]}],["$","$L5","precision-manufacturing-recon",{"href":"/customer-stories/precision-manufacturing-recon","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"High-precision manufacturing / medtech & optics"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Europe & Global"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Disrupting state-sponsored recon and credential exposure against a high-precision manufacturer"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"State-linked actors targeted engineers and admin portals at a medtech/optics manufacturer. Unit6 neutralized exposed credentials and hardened privileged access before exploitation."}]]}],["$","$L5","dual-nation-state-sft-intrusion",{"href":"/customer-stories/dual-nation-state-sft-intrusion","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Enterprise software / communications"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Global"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Dual nation-state intrusion into a critical file transfer system — detected before impact"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"Two unrelated nation-state actors exploited the same secure file transfer stack simultaneously. Unit6 surfaced both compromises and stopped large-scale exfiltration before internal teams saw anomalies."}]]}],["$","$L5","supply-chain-ransomware-saas-admin",{"href":"/customer-stories/supply-chain-ransomware-saas-admin","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"SaaS / business intelligence platform"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Global"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Supply-chain ransomware campaign leveraging a compromised SaaS administrator — multi-tenant threat stopped early"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"A ransomware group weaponized trusted admin pathways inside a business intelligence SaaS. Unit6 saw the compromise, coordinated fast revocation, and blocked cross-customer propagation."}]]}],["$","$L5","supply-chain-intrusion-pharmaceuticals",{"href":"/customer-stories/supply-chain-intrusion-pharmaceuticals","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Pharmaceuticals / healthcare"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Global"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Supply-chain intrusion into a global pharmaceutical enterprise — pre-ransomware phase blocked"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"A Sophisticated Threat Actor attempted to pivot from a compromised SaaS provider into a pharmaceutical company via trusted admin links. Unit6 severed trust and stopped the intrusion in the staging phase."}]]}]]}]]}]]}],["$","footer",null,{"className":"relative isolate overflow-hidden bg-gradient-to-br from-slate-50 via-white to-sky-50 text-slate-900 dark:from-slate-950 dark:via-[#080a1a] dark:to-[#02030a] dark:text-slate-100","children":[["$","div",null,{"className":"pointer-events-none absolute inset-0","children":[["$","div",null,{"className":"absolute inset-0 bg-[radial-gradient(circle_at_top,_rgba(56,189,248,0.18),_transparent_55%)] opacity-60 dark:opacity-80"}],["$","div",null,{"className":"absolute inset-0 bg-[linear-gradient(120deg,_rgba(15,23,42,0.08)_1px,_transparent_1px)] bg-[length:220px_220px] opacity-30 dark:opacity-40"}]]}],["$","div",null,{"className":"container relative z-10 mx-auto px-6 py-16 lg:py-20","children":[["$","$L6",null,{"className":"mx-auto w-full max-w-5xl","layout":"stacked","source":"site-footer","title":"Stay ahead with the Unit6 newsletters","description":"Pick from company releases, the Weekly Cyber Threat Briefing, or Preventive Intelligence Weekly and only hear about what matters to you."}],["$","div",null,{"className":"mt-12 grid gap-10 lg:grid-cols-[minmax(0,2fr)_repeat(3,minmax(0,1fr))]","children":[["$","div",null,{"className":"space-y-6","children":[["$","$L7",null,{"src":"/images/icons/unit6-icon.svg","alt":"Unit6 logo","width":140,"height":48,"priority":true}],["$","p",null,{"className":"text-sm text-slate-600 dark:text-slate-300","children":"The Preventive Intelligence Company"}]]}],[["$","div","Product",{"children":[["$","p",null,{"className":"text-sm font-semibold uppercase tracking-[0.3em] text-slate-500 dark:text-slate-300","children":"Product"}],["$","ul",null,{"className":"mt-4 space-y-3 text-sm text-slate-500 dark:text-slate-300","children":[["$","li","Platform overview",{"children":["$","$L5",null,{"href":"/platform","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Platform overview"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Platform overview"}]]}]]}]}],["$","li","Use cases",{"children":["$","$L5",null,{"href":"/use-cases","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Use cases"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Use cases"}]]}]]}]}],["$","li","Integrations",{"children":["$","$L5",null,{"href":"/integrations","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Integrations"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Integrations"}]]}]]}]}],["$","li","Comparison",{"children":["$","$L5",null,{"href":"/comparison","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Comparison"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Comparison"}]]}]]}]}]]}]]}],["$","div","Resources",{"children":[["$","p",null,{"className":"text-sm font-semibold uppercase tracking-[0.3em] text-slate-500 dark:text-slate-300","children":"Resources"}],["$","ul",null,{"className":"mt-4 space-y-3 text-sm text-slate-500 dark:text-slate-300","children":[["$","li","Gaming lab",{"children":["$","$L5",null,{"href":"/resources/gaming","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Gaming lab"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Gaming lab"}]]}]]}]}],["$","li","Customers",{"children":["$","$L5",null,{"href":"/customer-stories","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Customers"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Customers"}]]}]]}]}],["$","li","Blog",{"children":["$","$L5",null,{"href":"/blog","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Blog"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Blog"}]]}]]}]}],["$","li","Security",{"children":["$","$L5",null,{"href":"/security","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Security"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Security"}]]}]]}]}],["$","li","Privacy",{"children":["$","$L5",null,{"href":"/privacy","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Privacy"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Privacy"}]]}]]}]}]]}]]}],["$","div","Get started",{"children":[["$","p",null,{"className":"text-sm font-semibold uppercase tracking-[0.3em] text-slate-500 dark:text-slate-300","children":"Get started"}],["$","ul",null,{"className":"mt-4 space-y-3 text-sm text-slate-500 dark:text-slate-300","children":[["$","li","Book a demo",{"children":["$","$L5",null,{"href":"/book-a-demo","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Book a demo"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Book a demo"}]]}]]}]}],["$","li","Custom quote",{"children":["$","$L5",null,{"href":"/get-a-custom-quote","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Custom quote"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Custom quote"}]]}]]}]}],["$","li","Talk to sales",{"children":["$","$L5",null,{"href":"mailto:sales@unit6tech.com","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Talk to sales"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Talk to sales"}]]}]]}]}]]}]]}]]]}],["$","div",null,{"className":"mt-12 flex flex-col gap-6 border-t border-slate-200 pt-8 dark:border-white/10 md:flex-row md:items-center md:justify-between","children":[["$","div",null,{"className":"flex flex-wrap items-center gap-x-6 gap-y-3 text-sm text-slate-500 dark:text-slate-300","children":[["$","span",null,{"children":["© ",2025," Unit6 Inc. All rights reserved."]}],["$","$L5",null,{"href":"/terms","className":"transition-colors duration-300 hover:text-slate-900 dark:hover:text-white","children":"Terms"}],["$","$L5",null,{"href":"/privacy","className":"transition-colors duration-300 hover:text-slate-900 dark:hover:text-white","children":"Privacy"}]]}],["$","div",null,{"className":"flex gap-3","children":[["$","$L5","LinkedIn",{"href":"https://www.linkedin.com/company/unit6tech","target":"_blank","rel":"noopener noreferrer","aria-label":"LinkedIn","className":"group relative flex h-11 w-11 items-center justify-center overflow-hidden rounded-full border border-slate-200/70 bg-white text-slate-900 transition-all duration-300 hover:-translate-y-1 hover:border-slate-400 focus:outline-none focus-visible:ring-2 focus-visible:ring-sky-200/80 dark:border-white/15 dark:bg-white/10 dark:text-white dark:hover:border-white/60","children":[["$","span",null,{"className":"absolute inset-0 rounded-full bg-gradient-to-br from-sky-400/40 via-emerald-300/30 to-pink-300/30 opacity-0 transition duration-300 group-hover:opacity-100"}],["$","svg",null,{"stroke":"currentColor","fill":"currentColor","strokeWidth":"0","viewBox":"0 0 448 512","className":"relative text-lg transition duration-300 group-hover:scale-110","children":["$undefined",[["$","path","0",{"d":"M416 32H31.9C14.3 32 0 46.5 0 64.3v383.4C0 465.5 14.3 480 31.9 480H416c17.6 0 32-14.5 32-32.3V64.3c0-17.8-14.4-32.3-32-32.3zM135.4 416H69V202.2h66.5V416zm-33.2-243c-21.3 0-38.5-17.3-38.5-38.5S80.9 96 102.2 96c21.2 0 38.5 17.3 38.5 38.5 0 21.3-17.2 38.5-38.5 38.5zm282.1 243h-66.4V312c0-24.8-.5-56.7-34.5-56.7-34.6 0-39.9 27-39.9 54.9V416h-66.4V202.2h63.7v29.2h.9c8.9-16.8 30.6-34.5 62.9-34.5 67.2 0 79.7 44.3 79.7 101.9V416z","children":[]}]]],"style":{"color":"$undefined"},"height":"1em","width":"1em","xmlns":"http://www.w3.org/2000/svg"}]]}],["$","$L5","X (Twitter)",{"href":"https://twitter.com/unit6tech","target":"_blank","rel":"noopener noreferrer","aria-label":"X (Twitter)","className":"group relative flex h-11 w-11 items-center justify-center overflow-hidden rounded-full border border-slate-200/70 bg-white text-slate-900 transition-all duration-300 hover:-translate-y-1 hover:border-slate-400 focus:outline-none focus-visible:ring-2 focus-visible:ring-sky-200/80 dark:border-white/15 dark:bg-white/10 dark:text-white dark:hover:border-white/60","children":[["$","span",null,{"className":"absolute inset-0 rounded-full bg-gradient-to-br from-sky-400/40 via-emerald-300/30 to-pink-300/30 opacity-0 transition duration-300 group-hover:opacity-100"}],["$","svg",null,{"stroke":"currentColor","fill":"currentColor","strokeWidth":"0","viewBox":"0 0 512 512","className":"relative text-lg transition duration-300 group-hover:scale-110","children":["$undefined",[["$","path","0",{"d":"M389.2 48h70.6L305.6 224.2 487 464H345L233.7 318.6 106.5 464H35.8L200.7 275.5 26.8 48H172.4L272.9 180.9 389.2 48zM364.4 421.8h39.1L151.1 88h-42L364.4 421.8z","children":[]}]]],"style":{"color":"$undefined"},"height":"1em","width":"1em","xmlns":"http://www.w3.org/2000/svg"}]]}]]}]]}]]}]]}]]}]],null],null]},["$","$L8",null,{"parallelRouterKey":"children","segmentPath":["children","customer-stories","children","$9","children"],"error":"$undefined","errorStyles":"$undefined","errorScripts":"$undefined","template":["$","$La",null,{}],"templateStyles":"$undefined","templateScripts":"$undefined","notFound":"$undefined","notFoundStyles":"$undefined","styles":null}],null]},["$","$L8",null,{"parallelRouterKey":"children","segmentPath":["children","customer-stories","children"],"error":"$undefined","errorStyles":"$undefined","errorScripts":"$undefined","template":["$","$La",null,{}],"templateStyles":"$undefined","templateScripts":"$undefined","notFound":"$undefined","notFoundStyles":"$undefined","styles":null}],null]},[["$","html",null,{"className":"antialiased __variable_41251a","lang":"en","suppressHydrationWarning":true,"children":[["$","head",null,{"children":[["$","$L3",null,{"id":"gtm-base","strategy":"lazyOnload","children":"\n            (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':\n            new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],\n            j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=\n            'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);\n            })(window,document,'script','dataLayer','GTM-KMD6X5T8');\n          "}],["$","$L3",null,{"id":"structured-data","type":"application/ld+json","strategy":"beforeInteractive","children":"$b"}],null]}],["$","body",null,{"className":"__className_f367f3","children":[["$","noscript",null,{"children":["$","iframe",null,{"src":"https://www.googletagmanager.com/ns.html?id=GTM-KMD6X5T8","height":"0","width":"0","style":{"display":"none","visibility":"hidden"}}]}],["$","$L3",null,{"id":"theme-init","strategy":"beforeInteractive","children":"\n            try {\n              const storedTheme = localStorage.getItem('theme');\n              const prefersDark = window.matchMedia('(prefers-color-scheme: dark)').matches;\n              const theme = storedTheme === 'light' || storedTheme === 'dark' ? storedTheme : (prefersDark ? 'dark' : 'light');\n              const root = document.documentElement;\n              root.classList.remove('light', 'dark');\n              root.classList.add(theme);\n              root.dataset.theme = storedTheme ?? 'system';\n            } catch (_error) {}\n          "}],["$","$Lc",null,{"children":["$","$L8",null,{"parallelRouterKey":"children","segmentPath":["children"],"error":"$undefined","errorStyles":"$undefined","errorScripts":"$undefined","template":["$","$La",null,{}],"templateStyles":"$undefined","templateScripts":"$undefined","notFound":["$","main",null,{"className":"flex min-h-screen flex-col items-center justify-center bg-gradient-to-b from-slate-50 via-white to-sky-50 px-6 text-center text-slate-900 dark:from-slate-950 dark:via-slate-900 dark:to-slate-950 dark:text-white","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.35em] text-slate-500 dark:text-slate-400","children":"Page not found"}],["$","h1",null,{"className":"mt-4 text-4xl font-semibold sm:text-5xl","children":"Looks like that trail went cold."}],["$","p",null,{"className":"mt-4 max-w-xl text-base text-slate-600 dark:text-slate-300","children":"The page you are looking for has moved or no longer exists. Head back to the main site or explore our latest resources."}],["$","div",null,{"className":"mt-8 flex flex-col gap-3 sm:flex-row","children":[["$","$L5",null,{"href":"/","className":"rounded-full bg-slate-900 px-5 py-3 text-sm font-semibold text-white shadow-sm transition hover:bg-slate-800 focus-visible:outline focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-slate-500 dark:bg-white dark:text-slate-900 dark:hover:bg-slate-100","children":"Back to homepage"}],["$","$L5",null,{"href":"/resources/gaming","className":"rounded-full border border-slate-200 px-5 py-3 text-sm font-semibold text-slate-700 transition hover:border-slate-300 dark:border-white/20 dark:text-white dark:hover:border-white/30","children":"View resources"}]]}]]}],"notFoundStyles":[],"styles":null}]}]]}]]}],null],null],[[["$","link","0",{"rel":"stylesheet","href":"/_next/static/css/2a2d44bd966c4d53.css","precedence":"next","crossOrigin":"$undefined"}],["$","link","1",{"rel":"stylesheet","href":"/_next/static/css/582d575b359aac35.css","precedence":"next","crossOrigin":"$undefined"}]],[null,"$Ld"]]]]]
d:[["$","meta","0",{"name":"viewport","content":"width=device-width, initial-scale=1"}],["$","meta","1",{"charSet":"utf-8"}],["$","title","2",{"children":"Catching a helpdesk brute-force compromise before it became a company-wide breach | Unit6 customer story | Unit6"}],["$","meta","3",{"name":"description","content":"A regional IT services provider exposed its ServiceDesk login without rate limits. Unit6 spotted the shift from brute-force to successful use, shut it down, and rebuilt access controls."}],["$","meta","4",{"name":"keywords","content":"preventive intelligence,adversary infrastructure,attack staging,threat reconnaissance,early warning security platform"}],["$","meta","5",{"name":"robots","content":"index, follow"}],["$","link","6",{"rel":"canonical","href":"https://unit6tech.com/customer-stories/helpdesk-bruteforce"}],["$","meta","7",{"property":"og:title","content":"Catching a helpdesk brute-force compromise before it became a company-wide breach"}],["$","meta","8",{"property":"og:description","content":"A regional IT services provider exposed its ServiceDesk login without rate limits. Unit6 spotted the shift from brute-force to successful use, shut it down, and rebuilt access controls."}],["$","meta","9",{"property":"og:url","content":"https://unit6tech.com/customer-stories/helpdesk-bruteforce"}],["$","meta","10",{"property":"og:site_name","content":"Unit6"}],["$","meta","11",{"property":"og:image","content":"https://unit6tech.com/images/unit6-cover.webp"}],["$","meta","12",{"property":"og:type","content":"article"}],["$","meta","13",{"name":"twitter:card","content":"summary_large_image"}],["$","meta","14",{"name":"twitter:creator","content":"@unit6tech"}],["$","meta","15",{"name":"twitter:title","content":"Catching a helpdesk brute-force compromise before it became a company-wide breach"}],["$","meta","16",{"name":"twitter:description","content":"A regional IT services provider exposed its ServiceDesk login without rate limits. Unit6 spotted the shift from brute-force to successful use, shut it down, and rebuilt access controls."}],["$","meta","17",{"name":"twitter:image","content":"https://unit6tech.com/images/unit6-cover.webp"}],["$","link","18",{"rel":"icon","href":"/favicon.ico","type":"image/x-icon","sizes":"20x32"}],["$","meta","19",{"name":"next-size-adjust"}]]
1:null