Windows Lateral Movement Detection

Last Updated
September 17, 2025
Compatibility
Splunk Enterprise
Support
Not Supported
The technology addon "TA-latmov" was designed based off SANS' 2018 Hunt Evil Poster. This poster focuses on lateral movement from forensic evidence found on the source/destination endpoint after the action has occurred. Based on this, I created a series of Windows-based inputs to capture the state for threat hunting and preservation.

Categories

Security, Fraud & Compliance

Created By

Anthony Giallombardo

Type

addon

Downloads

422
