主权项 |
1. A method of monitoring a network, the method comprising:
receiving, via a processing module, a plurality of authentication audit logs to assist in generating account lateral movement mapping data from a plurality of assets; correlating, via the processing module, the plurality of authentication audit logs; and generating, via the processing module, a notification based on a comparison of correlation results and a database of permitted associations among multiple accounts used by a single user. |