ACE

RESPONDER

Attack Animator

Blog

Learn

Challenges

Sign in

##### Prerequisites: * [OpenSearch Tutorial](/learn/opensearch-tutorial) * [Windows Logons](/learn/windows-logons) Welcome to this learning module on lateral movement. Attackers move laterally to expand their foothold within the network, gain access to valuable assets or information, and identify vulnerabilities they can exploit in order to achieve their objectives. This module explores a few foundational lateral movement techniques that are leveraged by virtually all persistent attackers. One of the primary ways that attackers move laterally through a network is through remote services. This module will focus on several common remote service techniques, including: * WMI * DCOM * WinRM * scheduled tasks By understanding how these techniques work and what they look like, we can improve our detections and hasten our response. The events in your SIEM can be found in the following timespan: 1 Apr 2023 - 2 Apr 2023.

Lateral Movement

Share on Twitter
Share on LinkedIn
Prerequisites:

Welcome to this learning module on lateral movement. Attackers move laterally to expand their foothold within the network, gain access to valuable assets or information, and identify vulnerabilities they can exploit in order to achieve their objectives. This module explores a few foundational lateral movement techniques that are leveraged by virtually all persistent attackers.

One of the primary ways that attackers move laterally through a network is through remote services. This module will focus on several common remote service techniques, including:

  • WMI
  • DCOM
  • WinRM
  • scheduled tasks

By understanding how these techniques work and what they look like, we can improve our detections and hasten our response.

The events in your SIEM can be found in the following timespan: 1 Apr 2023 - 2 Apr 2023.

Analyst

$17.49

/mo

14 Days Free

Explore realistic pre-recorded attacks

Master full-featured defensive platforms

Browser-based challenges and modules

Extended attack videos

Grants access to Analyst content. You can cancel any time by returning to this page and following the cancellation steps.

Defender

$44.49

/mo

Instant fully interactive labs

Hands-on prevention and detection

Master offensive techniques

Security engineering exercises

Highly realistic and dynamic scenarios

Access to all Analyst-level content

Grants access to all Defender content, Analyst content and interactive lab environments. You can cancel any time by returning to this page and following the cancellation steps.