In a networked directory services environment, various components are used for authenticating users and for generating authorization data for controlling access to network resources to provide secure network access to network data by authorized users and that rejects access by unauthorized users. A breach in security in a networked directory services environment can result in a loss of network resource access by legitimate clients or in the disclosure of potentially sensitive information. Such information disclosure can occur for data that is stored on network resources or from the networked directory services database itself. Detection of anomalies in network traffic or malicious patterns may be indicative of a breach in security in a networked directory services environment.