Find lateral movement paths using KQL Graph semantics
Cloudbrothers
2024-07-08 09:08:51
Graph databases offer insights into existing data that relational databases either cannot provide or can only provide with more resources. Tools like BloodHound that leverage this ability to find lateral movement paths (edges) between users, computers and other entities (nodes) offer an amazing data source for red teams and blue teams alike. Still, their use in the defender world remains limited. This might be because blue teams don’t like to use the red teamers' toolkit (really?