A Real-World Look at Analysis, Detecting, and Preventing Two Types of Manual Lateral Movement in Active Directory Environments

Webinar Registration

Lateral movement has become a staple threat action in nearly every modern type of cyberattack. Many attackers rely on automation and treat attacks as an opportunistic “numbers game”; when the automation fails, they simply move on to the next target where automation is successful. But targeted attacks involve a bit more personal investment on the part of the attacker, with lateral movement activities being based on intel collected about the environment.

Forensic investigations of malware attacks (including exploits, LOLbins, scripts, etc.) and network traffic (IPs, vulnerability signatures, etc.) use a well-developed, vast range of tools and common terminology (IoC standards, YARA rules, etc.). But these are less established for investigating lateral movement. Signals from the endpoint and the network are not enough to provide full context for the attack, because these signals are not available everywhere, and even where they are, they don’t carry the information about the attack vector.

So, what analysis can you do to detect, understand, respond to, and eventually prevent lateral movement in your environment?

In this Real Training for Free session, Microsoft MVP Nick Cavalancia takes my seat as he first discusses:

  • The current state of lateral movement in cyberattacks
  • Lateral attack methods
  • Aligning lateral movement to the MITRE ATT&CK Framework

Up next, you’ll hear from Yaron Kassner, CTO & Co-Founder, and Yiftach Keshet, Director of Product Marketing from Silverfort.

We’ll present a unique visualization of samples of two lateral movement attacks (linear and parallel) gathered from our customers and cover:

  • Capture of the lateral movement part from the live attacks
  • Suggested patterns and potential IoCs to identify lateral movement
  • Dependencies on specific AD event configurations
  • The one “blind spot” in lateral movement and how to address it
  • Demonstration of lateral movement prevention with MFA in an Active Directory environment

This Real Training for Free event will be jam-packed with technical detail and real-world application. Register today!
