Detecting lateral movement through event logs

Japan CERT has recently released a new research paper in which they show the value of event logs for the detection of lateral movement. The research paper is outstanding, in keeping with the quality of all the documentation that Japan CERT often releases to the public.

The research provides an insight into the current tools used by attackers to perform lateral movement inside the network and how event logs can support the detection of this maneuver.

If you are currently hunting or automating your detection mechanisms, this is definitely one of those papers you need to read.

https://www.jpcert.or.jp/english/pub/sr/ir_research.html
