DFSP # 395 - Lateral Movement and Admin Logons
Digital Forensic Survival Podcast - A podcast by Digital Forensic Survival Podcast - Tuesdays
This week is on lateral movement detection techniques. Inspecting Domain Admin account logons is a key component of lateral movement triage. Admin accounts are sought after by attackers for their elevated privileges. Evidence is often left behind both on the targeted system and on the domain controller. Both of these factors provide a protection opportunity through Windows event log analysis. I’ll break down the method....