
Real World Cases: Threat Intel to Detect Lateral Movement in the Banking Industry


Lateral movement on internal networks is nearly impossible to detect with current IT systems. Host-based security controls (EDR) and network monitoring solutions (IDS) often miss exactly this type of activity. After talking with our clients, we’ve found that SOC managers lack clear and trustworthy detection controls for targeted adversaries that are present on internal networks. Integrating threat intelligence powered by deception to create these detection controls is a priority for SOC managers.

By deploying breadcrumbs across all production devices and providing deeper deception environments, CounterCraft’s campaigns work to contain adversaries and collect threat intelligence data. This specific and actionable threat intelligence results in internal lateral-movement campaigns that provide high-confidence alerts of adversarial presence.

CounterCraft’s threat intel campaigns have been proven to work where host-based security controls and network monitoring solutions can’t, making IT Security and SOC managers’ jobs much easier. Watch this video where we speak to one of our clients who detected lateral movement within their system using CounterCraft’s Cyber Deception Platform.

CounterCraft’s deception campaigns have proven effective in immediately detecting movement of outsiders within a network.

Using our platform, our clients have had success:

  • Rapidly detecting adversarial post-breach activity (the adversary is already inside the perimeter) that has not been observed by other systems.
  • Detecting adversaries within one hop of lateral movement.
  • Using existing IT management tools to deploy, with zero impact on production systems and users.
  • Collecting intel describing the TTPs, intentions, and motivations of attackers and profiling them.
  • Managing attacks and reconfiguring other IT Security systems with the threat intel data provided by CounterCraft in real time to boost enterprise security.

We are confident in the insights we deliver to customers. Our promise to our customers is that our alerts aren’t mere notifications; they’re crystal-clear signals demanding immediate action.

Read more about how threat intelligence can be used to detect lateral movement. And see more real world cases of CounterCraft on our YouTube channel.