Threat Hunting for Lateral Movement

We’ll look for instances where multiple users are logged onto an end-user workstation simultaneously or within a relatively short period of time, where the same user account is logged onto more than one host, or where a network login references a non-domain account on the target system.
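The three checks described above, as an added example (not code from the original page) run over constructed logon records. Assumptions: each record is (time, host, account domain, user, logon type) with logon type 3 meaning a network logon as in Windows Security event 4624, the domain is named `CORP`, every host is an end-user workstation, a local account shows the host name in the domain field, and "a relatively short period" is taken as one hour between logons.

```python
from collections import defaultdict
from datetime import datetime, timedelta

DOMAIN = "CORP"              # assumed Active Directory domain name
WINDOW = timedelta(hours=1)  # assumed threshold for "a short period of time"

# Constructed sample records: (time, host, account domain, user, logon type)
EVENTS = [
    ("2024-05-01T09:00:00", "WS01", "CORP", "alice", 2),
    ("2024-05-01T09:20:00", "WS01", "CORP", "bob", 3),
    ("2024-05-01T09:25:00", "WS02", "CORP", "bob", 3),
    ("2024-05-01T09:40:00", "WS03", "WS03", "localadmin", 3),
    ("2024-05-01T15:00:00", "WS04", "CORP", "carol", 2),
]

def hunt(events, domain=DOMAIN, window=WINDOW):
    """Return the hosts and accounts matching each of the three hunt conditions."""
    rows = sorted((datetime.fromisoformat(t), h, d, u, lt) for t, h, d, u, lt in events)
    by_host, by_account = defaultdict(list), defaultdict(list)
    findings = {"multi_user_host": set(), "multi_host_user": set(),
                "local_network_logon": set()}
    for ts, host, dom, user, logon_type in rows:
        # Qualify the user with its domain so local accounts on different
        # hosts are never treated as the same identity.
        account = f"{dom}\\{user}".lower()
        # Network logon that references a non-domain account on the target.
        if logon_type == 3 and dom.upper() != domain.upper():
            findings["local_network_logon"].add((host, account))
        # Different accounts logging onto the same host within the window.
        if any(a != account and ts - t <= window for t, a in by_host[host]):
            findings["multi_user_host"].add(host)
        # The same account logging onto a different host within the window.
        if any(h != host and ts - t <= window for t, h in by_account[account]):
            findings["multi_host_user"].add(account)
        by_host[host].append((ts, account))
        by_account[account].append((ts, host))
    return findings

if __name__ == "__main__":
    for name, hits in hunt(EVENTS).items():
        print(name, sorted(hits))
```

Logon-time proximity stands in for "simultaneously" here because the sample records carry no logoff events; pairing logons with logoffs would give true session overlap.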