GovInfoSecurity nickster2407) • February 25, 2021 Tim Keeler, co-founder and CEO, Remediant The SolarWinds supply chain attack is another example of the damage that lateral movement by system intruders can cause. Tim Keeler of Remediant says detecting lateral movement is challenging because of the size of today’s systems and the difficulty of filtering bad behavior from benign behavior in remote work environments. "How do I know whether this is just an admin doing their regular activity, versus someone using those credentials in a malicious manner to get access to other systems? Because if you're dealing with an environment that's one or 200,000 systems, it's really hard to scale this out,” Keeler says. “And how do you actually discern and understand what is malicious and what is just your day-to-day behavior?”