XDR: Lateral Movement

Premium room

Detect and investigate techniques malicious actors use to enter and control systems on a network using Defender XDR.

medium

60 min

This room will discuss some of the Lateral Movement and Execution techniques from the perspective of a multi-stage incident in Microsoft Defender XDR.

  • Firstly, we will look at the Lateral Movement concept.
  • Then, we will see two sample techniques and tools for it, namely WinLNK and Mimikatz.
  • Finally, we will investigate the multi-stage incident in Microsoft Defender XDR. While doing so, we will focus on the following parts of this incident, as each of them will help us understand and build the attack narrative from a 360-degree view:
    • Attack story
    • Alerts
    • Assets
    • Investigations
    • Evidence and Response

In the hands-on part, you will also have the chance to explore and investigate similar alerts and incidents in the Microsoft Defender XDR lab environment.
