Description

Custom Splunk detections to identify lateral movement activity across Windows environments.

Includes:

Remote service execution detection

Authentication anomalies

Cross-host activity correlation

ATT&CK alignment (T1021)

Designed for early breach containment.