Wanted Dead or Alive: Real-Time Protection Against Lateral Movement

2023-05-01 10:53

In this article, we'll walk through the most essentials questions around the challenge of lateral movement protection, understand why multifactor authentication and service account protection are the gaps that make it possible, and learn how Silverfort's platform turns the tables on attackers and makes lateral movement protection finally within reach.

To add another dimension to the lateral movement protection challenge, keep in mind that not all accounts are created equal.

This lack of visibility and protection of service accounts is the second blind spot on which lateral movement actors rely.

Preventing lateral movement at the root #1: Extending MFA to command-line access #. Silverfort can apply MFA protection to any command-line access tool - PsExec, Remote PowerShell, WMI, and any other.

With an MFA policy enabled, if an attacker attempts to perform lateral movement via command line, Silverfort would push an MFA prompt to the actual user, asking them to verify whether they had initiated that access attempt.

Preventing lateral movement at the root #2: Automated visibility and protection of service accounts #. While service accounts can't be subjected to MFA protection - as non-human users, they can't confirm their identity with a cell phone notification - they can still be protected.

News URL

https://thehackernews.com/2023/05/wanted-dead-or-alive-real-time.html