EDR: Can Lateral Movement activities be detected?
search cancel

EDR: Can Lateral Movement activities be detected?

book

Article ID: 284915

calendar_today

Updated On:

Products

Carbon Black EDR (formerly Cb Response) Carbon Black Hosted EDR (formerly Cb Response Cloud)

Issue/Introduction

Can Lateral Movement activities be detected with existing threat reports?

Environment

  • EDR (formerly Carbon Black Response): All supported versions

Resolution

Yes, the "Lateral Movement - File Write to SMB Admin Shares" report has been added to the Bit9EndpointVisibility and Bit9AdvancedThreats feeds.

Additional Information

If assistance is required to create custom watchlists or to modify the existing "Lateral Movement - File Write to SMB Admin Shares" report to suit the environment, options are
  • Post questions in the Threat Research space in the UEX
  • Request Professional Services with the help of CSM.
Powered by Wolken Software