Lateral Movement
Brief
Detect, Investigate and Respond to Lateral Movement Incidents
Lateral movement is when an attacker compromises or gains control of one asset within a network and then moves internally (“east-to-west”) from that device to others.
Exabeam helps security teams outsmart adversaries using lateral movement with the support of automation and use case content across the full analyst workflow, from detection to response. First, we prescribe data sources to collect and analyze. Our user and entity behavior analytics (UEBA) then develops a baseline of normal activity for every user and device in an organization. As an adversary begins to move within a network, abnormal activity is identified using out-of-the-box detection rules and models, including 7 MITRE techniques associated with lateral movement. This activity is flagged and added to the user or entity’s risk score.