Attackers have ways to evade defenses to gain a beachhead on an internal system, but they must then move to expand their foothold. They conduct discovery activities and reconnaissance to find critical AD objects, live hosts, and services to exploit, and they steal and reuse credentials to escalate privileges as they move around within the network.
To combat this threat, organizations are turning to the Attivo Networks ThreatDefend platform’s lateral movement defenses, which impede attackers from gathering intelligence on AD accounts, live hosts, open services, data, and credentials to disrupt their ability to compromise systems and traverse the network undetected. The platform detects and alerts on lateral movement, credential theft, network discovery, and privilege escalation activities quickly and accurately so the organization can react to these attempts early in the attack cycle and reduce the risk of a breach.
54% of techniques used to test lateral movement are missed, and 96% of lateral movement behaviors did not have a corresponding alert in the SIEM.
80 percent of security breaches involve weak, default, stolen, or otherwise compromised privileged credentials.
The vast majority of malware is written to elevate privileges and move laterally in an environment.
Nearly 60% of attacks now involve lateral movement…
The ThreatDefend platform offers mechanisms to detect and disrupt intelligence gathering, network discovery, credential theft, and other lateral movement activities.