Pass-the-hash and pass-the-ticket are commonly used attacks which many traditional security products (i.e. firewalls, proxies, and multifactor authentication) may not stop. Verizon Software Defined Perimeter (SDP) inherently implements multifactor authentication after the user logs into the Windows domain, stopping these attacks from accessing servers protected by the Verizon SDP. Other implementations of the Zero Trust Architecture may be more challenged to do so.
Pass-the-Hash and Pass-the-Ticket
