Lateral Movement Scoring via SMB + Process Correlation
Detects lateral movement by correlating outbound SMB connections with remote process execution on the destination host, assigning a composite risk score per behavior.
Detects lateral movement by correlating outbound SMB connections with remote process execution on the destination host, assigning a composite risk score per behavior.