A Real-World Look at Analysis, Detecting, and Preventing Two Types of Manual Lateral Movement in Active Directory Environments

Webinar Registration

Lateral movement has become a staple threat action in nearly every modern type of cyberattack. Many attackers rely on automation and simply allow attacks to be an opportunistic “numbers game”; when the automation fails, they simply move onto the next target where automation is successful. But targeted attacks involve a bit more personal investment on the part of the attacker, with lateral movement activities being based on intel collected about the environment.

Forensic investigations of malware attacks (including exploits, LOLbins, scripts etc.) and network traffic (IPs, vulnerability signatures, etc.) use a well-developed vast range of tools and common terminology (IoC standards, YARA rules, etc). But these are less established for investigating lateral movement. Signals from the endpoint and the network are not enough to provide full context for the attack, because these signals are not available everywhere, and even where they are, they don’t carry the information about the attack vector.

So, what analysis can you do to detect, understand, respond to, and eventually prevent lateral movement in your environment?

In this Real Training for Free session, Microsoft MVP Nick Cavalancia takes my seat as he first discusses:

  • The current state of lateral movement in cyberattacks
  • Lateral attack methods
  • Aligning lateral movement to the MITRE ATT&CK Framework

Up next, you’ll hear from Yaron Kassner, CTO & Co-Founder, and Yiftach Keshet, Director of Product Marketing from Silverfort.

We’ll present a unique visualization of samples of two lateral movement attacks (Linear and parallel) gathered from our customers and cover:

  • Capture of the lateral movement part from the live attacks
  • Suggested patterns and potential IoCs to identify lateral movement
  • Dependencies on specific AD event configurations
  • The one “blind spot” in lateral movement and how to address it
  • Demonstration of lateral movement prevention with MFA in an Active Directory environment.

This real training for free event will be jam packed with technical detail and real-world application. Register today!

First Name:   
Last Name:   
Work Email:  
Phone:  
Job Title:  
Organization:  
Country:    
State:  
 

Your information will be shared with the sponsor.

By clicking "Submit", you're agreeing to our Privacy Policy and consenting to be contacted by us and the sponsor.

 

 

Upcoming Webinars
    Additional Resources