A closer look at LATMA, the open-source lateral movement detection tool
2023-12-13 05:00

In this Help Net Security video, Gal Sadeh, Head of Data and Security Research at Silverfort, discusses LATMA, a free, open-source tool.

It's engineered with advanced algorithms to track and report any unusual activity within an environment.

Logs collector - This module collects authentication traffic from the Active Directory environment.

It gathers the logs from the domain controllers and endpoints, focusing only on interactive Kerberos and NTLM authentications.

Analyzer module - This module inputs the logs from the collector and outputs a detailed report containing the patterns that LATMA found, how they're connected, who performed them, and when.

It also visualizes the findings in a GIF.


News URL

https://www.helpnetsecurity.com/2023/12/13/latma-open-source-tool-video/