Lately, adversaries have accomplished breach goals using advanced tools and techniques designed to circumvent most conventional computer network defense (CND) mechanisms. Once an intruder compromises an organization and infects a vulnerable host, they can move laterally with a lateral scan. A lateral scan is an indicator of compromise (IOC) that suggests an intruder is looking to move laterally to gain unauthorized access to sensitive data on a system.
Detect Lateral Scan Traffic
Threatcare brings a proactive approach to cyber defense through cloud-based simulations that help with risk discovery while validating your risk mitigation techniques. The browser acts as a Threatcare agent on your host. By using a Firefox or Chrome browser on your host, our lateral scan simulation can find your internal IP address. Once the initial host IP address is found, we move laterally to other hosts inside the network through an HTTP or HTTPS ping. When we create benign IOC artifacts in your environment, you can exercise your incident responders' awareness and the efficacy of your controls. Identification, analysis, and utilization of threats can be the catalyst to slow down APT campaigns.
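A defender-side sketch of spotting the traffic described above, added here as an example and not Threatcare's own code: it flags an internal host that contacts many distinct internal hosts over HTTP or HTTPS within a short window. The flow-record format, the 60-second window, and the five-host threshold are assumptions, and records are assumed to arrive in time order.

```python
import ipaddress
from collections import defaultdict, deque

WEB_PORTS = {80, 443}    # the simulation probes over HTTP or HTTPS
WINDOW_SECONDS = 60      # assumed look-back window
MIN_DISTINCT_HOSTS = 5   # assumed fan-out threshold; tune per network
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample flow records: "epoch_seconds src_ip dst_ip dst_port"
SAMPLE_FLOWS = """\
1000 10.0.0.23 10.0.0.1 80
1001 10.0.0.23 10.0.0.2 80
1001 10.0.0.40 10.0.0.5 443
1002 10.0.0.23 10.0.0.3 443
1003 10.0.0.23 10.0.0.4 80
1003 10.0.0.40 203.0.113.10 443
1004 10.0.0.23 10.0.0.5 80
1005 10.0.0.23 10.0.0.6 443
1100 10.0.0.41 10.0.0.1 443
1200 10.0.0.41 10.0.0.2 443
"""

def is_internal(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)

def find_lateral_scanners(lines, window=WINDOW_SECONDS, min_hosts=MIN_DISTINCT_HOSTS):
    """Map each flagged source to its peak count of distinct internal web targets in one window."""
    recent = defaultdict(deque)  # src -> (ts, dst) pairs still inside the window
    flagged = {}
    for line in lines:
        parts = line.split()
        try:
            ts, src, dst, port = int(parts[0]), parts[1], parts[2], int(parts[3])
            east_west = is_internal(src) and is_internal(dst)
        except (IndexError, ValueError):
            continue  # skip malformed records
        if port not in WEB_PORTS or not east_west:
            continue  # only internal-to-internal web traffic is of interest
        seen = recent[src]
        seen.append((ts, dst))
        while seen[0][0] <= ts - window:  # drop contacts older than the window
            seen.popleft()
        distinct = len({d for _, d in seen})
        if distinct >= min_hosts:
            flagged[src] = max(flagged.get(src, 0), distinct)
    return flagged

if __name__ == "__main__":
    print(find_lateral_scanners(SAMPLE_FLOWS.splitlines()))
```

Hosts that legitimately fan out to many internal web services, such as monitoring systems or proxies, need an allowlist before a rule like this is used for alerting.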
Why Detecting Lateral Scan Is Important
Most companies have some kind of sensitive data that needs to be protected from the internet. Without familiarity with real-world breach indicators, organizations leave themselves at risk. An undetected lateral scan initiated by an intruder can lead to successful data exfiltration from your organization. Sun Tzu, a Chinese general, military strategist, and philosopher, once said, “To know your enemy, you must become your enemy”. Our lateral scan simulation creates the artifacts in your network, helping you detect, log, and mature your CND. With our help, give your organization the security credibility and assurance it needs. Prove your information security team can pinpoint what indicators of compromise look like while shortening the time from infection to identification, and reassure them that recovery from attacks will be swift.