Author Archives: Ryan Nolette
This past week I had the pleasure of going down to DerbyCon 7.0. Along the way, I got to see some fantastic presentations, an excellent Capture the Flag competition, and the tragic death of at least one insect. Here are a few of my takeaways from the conference.
Lateral movement is a critical step that attackers use when targeting your network. In the last Hunter’s Den post we covered how attackers lay the groundwork for lateral movement. Now that we know what tactics to look for, let’s get to hunting.
In our last Hunter’s Den post, we covered some of the TTPs that are associated with searching for lateral movement. Now that we have a rough idea of the progression of this attack lifecycle, let’s dig into the stages a bit more.
The Hunter’s Den blog series aims to go beyond framework and theory and dig into practical tips and techniques for threat hunting. In our previous post, we examined the practical ways to hunt for C2 activity. In this series of posts, we will take a look at how to hunt for lateral movement activity.