Threat Hunting 101: Lateral Movements in Windows Networks

#11 Threat Hunting 101: Lateral Movements in Windows Networks

October 26, 2023

Join Kevin Zuk for a session on how you can improve your investigation skills for lateral movements in Windows Event Logs and how you can easily identify incoming & outbound lateral movement attempts.

Learn why lateral movements are crucial to investigate for Tier 1 SOC analysts to reduce alert fatigue
See examples of RDP, PSExec, Scheduled Tasks, WMI, Powershell, and others
Receive example logs that you can match tot he method used based on your learnings during the session

Kevin Zuk

Threat Hunting Engineer, Anvilogic

Additional Resources

Launch the Snowflake Lab

Anvilogic for Snowflake

Uncovering the Plot: Designing a Threat Hunting Tool for the Rest of Us

Podcast

More Episodes

November 7, 2024

Get Smarter with Entity Correlation + RBA in Sentinel

Join Detection Engineers Micah Funderburk and Alex Temaly as they break down their RBA success story in Sentinel—packed with insights, tips, and the best moves to help your SOC catch threats faster and smarter.

Watch Now and Get the Giveaway

October 31, 2024

#35 So What Does a Detection Engineer Actually Do?

Join Alex and Chris Black, Senior Detection Engineer at NBC Universal, as they take you inside the dynamic world of detection engineering and explore why it just might be the coolest job you’ve never heard of–our parents for sure never have.

Watch Now and Get the Giveaway

October 24, 2024

#34 The Threat Hunting & Alerting Secret Sauce

In this episode, Alex sits down with a seasoned cybersecurity expert from Expel Security to explore what makes a good alert and how to avoid drowning in a sea of irrelevant notifications.

Watch Now and Get the Giveaway