How to tackle the security challenges of lateral network traffic
Security Solutions – Jim Cook
- Logging at the endpoint to detect lateral movement
- Monitoring agents at every endpoint to detect lateral movement
- Deploying NetFlow collection at core routers and switches
- Implementing a dedicated monitoring network
- Using an internal intrusion detection and prevention system (IDPS)

A more effective method for detecting lateral movement and privilege escalation is to detect based on techniques rather than hashes or signatures. Organisations can achieve this by deploying deception and concealment technologies, which confuse and misdirect attackers as they attempt to move laterally from an endpoint while hiding sensitive or critical assets from exploitation.
Unfortunately, misperception may be the biggest challenge for this new approach.
Link: https://www.securitysolutionsmedia.com/2021/01/13/how-to-tackle-the-security-challenges-of-lateral-network-traffic/