Lateral Movement

Lateral movement is how an attacker spreads sideways through a network after gaining an initial foothold — from one system to the next, toward higher-value targets.

After breaching one machine, attackers rarely stop there. They use stolen credentials and trust relationships to move toward sensitive systems.

Because this movement happens between internal systems, it often leaves no endpoint alert — but it does leave traces in network communication.

Lateral movement is exactly the kind of activity AEGYS Monitor surfaces on the network.

AEGYS Monitor

RELATED TERMS

Command-and-Control (C2)
NDR — Network Detection and Response
APT — Advanced Persistent Threat