Description
This project aimed to automate the entire process of handling credential leak alerts, targeting both customer and employee accounts compromised during login attempts. The solution included:
- Automating password resets in the IdentityServer database to prevent unauthorized access.
- Creating incidents in ITSM, assigning them to relevant teams based on the affected service.
- Assessing intrusion risks by analyzing login patterns in Active Directory.
- Sending automated alert emails and logging all actions in SIEM for traceability.
The project significantly improved response times, reduced manual workload, and strengthened account security through a fully automated workflow.
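The decision step of a workflow like this one, as an added Python example that is not the project's own code: it rates intrusion risk from logon history, routes the incident by affected service, and emits the ordered actions plus a SIEM log line. The routing table, team names, risk rules, field names and sample logons are all assumptions made for illustration.

```python
import json
from dataclasses import dataclass
from datetime import datetime, timedelta

# Hypothetical service-to-team routing (names are assumptions, not from the project).
TEAM_BY_SERVICE = {"webshop": "ecommerce-ops", "vpn": "network-security"}
DEFAULT_TEAM = "soc-triage"

@dataclass
class Logon:
    user: str
    when: datetime
    source_ip: str
    success: bool

def assess_risk(user, leaked_at, logons, baseline_days=30):
    """Assumed rule set: compare logons after the alert with the sources seen before it."""
    mine = [l for l in logons if l.user == user]
    start = leaked_at - timedelta(days=baseline_days)
    known = {l.source_ip for l in mine if l.success and start <= l.when < leaked_at}
    after = [l for l in mine if l.when >= leaked_at]
    if any(l.success and l.source_ip not in known for l in after):
        return "high"    # successful logon from a source never seen in the baseline
    if any(not l.success and l.source_ip not in known for l in after):
        return "medium"  # only failed attempts from unfamiliar sources
    return "low"

def build_plan(alert, logons):
    """Turn one leak alert into (risk, ordered actions, SIEM JSON line)."""
    risk = assess_risk(alert["user"], alert["leaked_at"], logons)
    team = TEAM_BY_SERVICE.get(alert["service"], DEFAULT_TEAM)
    plan = [
        {"action": "reset_password", "user": alert["user"]},
        {"action": "create_incident", "team": team, "priority": "P1" if risk == "high" else "P3"},
        {"action": "send_email", "to": alert["user"], "template": "credential_leak"},
    ]
    # The SIEM record names the account and actions only; the leaked secret is never logged.
    record = {"event": "credential_leak_handled", "user": alert["user"],
              "service": alert["service"], "risk": risk, "actions": [p["action"] for p in plan]}
    return risk, plan, json.dumps(record, sort_keys=True)

# Constructed sample data (not real logs); T0 is the alert time.
T0 = datetime(2024, 5, 1, 12, 0)
SAMPLE_LOGONS = [
    Logon("alice", T0 - timedelta(days=3), "10.0.0.5", True),
    Logon("alice", T0 + timedelta(hours=2), "203.0.113.7", True),
    Logon("bob", T0 - timedelta(days=1), "10.0.0.9", True),
    Logon("bob", T0 + timedelta(hours=1), "10.0.0.9", True),
]
```

Keeping the decision separate from the systems that execute it lets the risk rules be tested against recorded logon data before any reset or ticket is triggered.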
Technology used
- Python
- PowerShell
- ITSM
- Active Directory