List Lateral Movements Paths to Compromised Device

Sentinel

// List potential lateralmovement paths to compromised device
let DeviceName = "testdevice.test.com";
ExposureGraphEdges
| where TargetNodeLabel == "device"
| where TargetNodeName == DeviceName
| summarize Total = dcount(SourceNodeName), Details = make_set(SourceNodeName) by EdgeLabel, TargetNodeName
| extend Message = strcat(Total, " details ", EdgeLabel, " ", TargetNodeName)
| project Message, Action = EdgeLabel, Details, Total, Target = TargetNodeName

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ExposureManagement - LateralMovementPaths.md

ExposureManagement - LateralMovementPaths.md

List Lateral Movements Paths to Compromised Device

Sentinel

Files

ExposureManagement - LateralMovementPaths.md

Latest commit

History

ExposureManagement - LateralMovementPaths.md

File metadata and controls

List Lateral Movements Paths to Compromised Device

Sentinel