Skip to main content

CYBERSTATS

Security Intelligence

Back to Home

For Lateral Movement, the most observed technique by DirectDefense is Valid Accounts, using stolen credentials to escalate privileges. Alerts triggered for Lateral Movement include: Lateral Movement – Local Credentials.

DirectDefense
April 15, 2025
MITRE ATT&CKLateral movementValid accounts

For Lateral Movement, the most observed technique by DirectDefense is Valid Accounts, using stolen credentials to escalate privileges. Alerts triggered for Lateral Movement include: Lateral Movement – Local Credentials. — This cybersecurity statistic was published by DirectDefense in April 2025. It covers topics including MITRE ATT&CK, Lateral movement, Valid accounts. The original data appears in 2025 Security Operations Threat Report. For the full methodology and detailed findings, refer to the original report.

Source

View Original Report

Published on 4/15/2025

Share or Copy this stat

Frequently Asked Questions

What does this statistic say?

For Lateral Movement, the most observed technique by DirectDefense is Valid Accounts, using stolen credentials to escalate privileges. Alerts triggered for Lateral Movement include: Lateral Movement – Local Credentials. This data was published by DirectDefense and covers MITRE ATT&CK, Lateral movement, Valid accounts.

Where does this data come from?

This statistic comes from 2025 Security Operations Threat Report, published by DirectDefense on April 15, 2025. You can view the original report at https://www.directdefense.com/gain-clarity/threat-report/.

What cybersecurity topics does this cover?

This statistic relates to MITRE ATT&CK, Lateral movement, Valid accounts. Browse more statistics on MITRE ATT&CK or from DirectDefense.

Want More Statistics Like This?

Get the latest cybersecurity stats delivered to your inbox every week

Related Statistics

42% of MSPs now rely on MITRE ATT&CK Evaluations as their top vendor assessment resource.

Cynet7/23/2025
MSPMITRE ATT&CK

On average, enterprise SIEMs only have detection coverage for 21% of adversary techniques defined in the MITRE ATT&CK framework. This is a 2% increase in coverage from the 2024 report.

CardinalOps6/5/2025
SIEMMITRE ATT&CK

79% of MITRE ATT&CK Techniques used by adversaries are missed by enterprise SIEMs.

CardinalOps6/5/2025
SIEMMITRE ATT&CK

Growth in security alerts related to the MITRE security framework are up 30%

Akamai4/22/2025
MITRE ATT&CKAlerts

For Initial Access, the most observed technique by DirectDefense is Valid Accounts, which involves leveraging stolen credentials for unauthorized access. Alerts triggered for Initial Access include: First Ingress Authentication from Country, Multiple Country Ingress Authentications, Multiple Wireless Country Authentications.

DirectDefense4/15/2025
MITRE ATT&CKInitial accessValid accounts

For Credential Access, the most observed technique by DirectDefense is Brute Force, automated attacks on authentication systems. Alerts triggered for Credential Access include: Account Lockout Events.

DirectDefense4/15/2025
MITRE ATT&CKCredential accessBrute force

Browse by Topic

MITRE ATT&CKLateral movementValid accountsMore from DirectDefense

Stay Ahead of Cyber Threats

Join 1,000+ security professionals getting weekly insights