cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Suspected suspicious Kerberos ticket request on one endpoint

andre4000
Copper Contributor

‎Jun 24 2022 03:02 AM

‎Jun 24 2022 03:02 AM

Suspected suspicious Kerberos ticket request on one endpoint

Hi

 

The documentation for the alert “Suspected suspicious Kerberos ticket request on one endpoint”  with 

UniqueExternalId  2418 seems to be missing.

The alert references https://aka.ms/suspiciouskerberosticketrequest, which  leads to the Bing search engine page.

 

Nothing here either:
https://docs.microsoft.com/en-us/defender-for-identity/suspicious-activity-guide

 

Is there any further documentation available or planned?

 

Thanks

1,718 Views
0 Likes
5 Replies
Reply
5 Replies
andre4000

‎Jul 08 2022 03:24 AM - edited ‎Jul 08 2022 03:25 AM

‎Jul 08 2022 03:24 AM - edited ‎Jul 08 2022 03:25 AM

Re: Suspected suspicious Kerberos ticket request on one endpoint

@Eli Ofekany comments perhaps? I see the aka.ms shortcut has been fixed but now just points to the second link noted above, which still does not contain any further detail.

0 Likes
Reply
Daniel Naim

‎Jul 11 2022 07:51 AM

‎Jul 11 2022 07:51 AM

Re: Suspected suspicious Kerberos ticket request on one endpoint

We will add the information about this alert in our public docs soon.
0 Likes
Reply
andre4000

‎Sep 15 2022 01:32 AM

‎Sep 15 2022 01:32 AM

Re: Suspected suspicious Kerberos ticket request on one endpoint

Hi Daniel - any news on this?
0 Likes
Reply
Daniel Naim

‎Sep 15 2022 01:43 AM

‎Sep 15 2022 01:43 AM

Re: Suspected suspicious Kerberos ticket request on one endpoint

Documentation should be live by the end of the month
1 Like
Reply
andre4000

‎Jan 04 2023 06:49 AM

‎Jan 04 2023 06:49 AM

Re: Suspected suspicious Kerberos ticket request on one endpoint

Bumping this one..... seems it has not arrived yet.
0 Likes
Reply