Description
Custom Splunk detections to identify lateral movement activity across Windows environments.
Includes:
-
Remote service execution detection
-
Authentication anomalies
-
Cross-host activity correlation
-
ATT&CK alignment (T1021)
Designed for early breach containment.
