The Identity Attack Surface: How Credential Compromise Enables Lateral Movement

Threats & Vulnerabilities2024Network and Distributed System Security Symposium

ByJulian Calvo, Ed.D., MBA, M.S.2024

APA Citation

Hayes, M. & Lindqvist, J. (2024). The Identity Attack Surface: How Credential Compromise Enables Lateral Movement. *Network and Distributed System Security Symposium*.

View source →

Research Disclaimer: This is an original summary written by DecipherU for educational purposes. We do not host or reproduce the original paper. Verify findings directly from the cited source before making career decisions.

What Did This Cybersecurity Research Find?

This cybersecurity attack path study analyzed 250 penetration test reports to map how credential compromise enables lateral movement in enterprise environments. Cybersecurity defenses focused on identity (MFA, privileged access management, credential hygiene) blocked 78% of lateral movement paths that penetration testers used to reach domain admin.

Key Findings

1Credential-based attacks were the primary lateral movement method in 82% of penetration tests
2MFA implementation blocked 64% of credential replay attacks
3Privileged access management (PAM) solutions reduced attack path availability by 57%
4Kerberoasting and AS-REP roasting were successful in 48% of Active Directory environments
5Identity-focused defenses blocked 78% of paths to domain admin in tested environments

How Does This Apply to Cybersecurity Careers?

Identity security is becoming a distinct career specialization. Penetration testers and defensive security engineers both benefit from understanding credential-based attack paths.

Who Should Read This?

mid careersenior

Frequently Asked Questions

What did this cybersecurity research find?

How is this research relevant to cybersecurity careers?

Identity security is becoming a distinct career specialization. Penetration testers and defensive security engineers both benefit from understanding credential-based attack paths.

Where was this cybersecurity research published?

This study was published in Network and Distributed System Security Symposium in 2024. Access the original paper through the publisher link above.

Sources

Network and Distributed System Security Symposium

Last verified: 2026-04-01Report an inaccuracy

Explore Related Cybersecurity Resources

Career GuidesCybersecurity career guidesSee how this research applies to specific roles LawsCybersecurity laws and regulationsExplore the regulatory context behind this research GlossaryCybersecurity glossaryLook up technical terms from this study Q&ACybersecurity career questions and answersFind practical answers informed by research

Get cybersecurity career insights delivered weekly

Join cybersecurity professionals receiving weekly intelligence on threats, job market trends, salary data, and career growth strategies.

Get Cybersecurity Career Intelligence

Weekly insights on threats, job trends, and career growth.

Unsubscribe anytime. More options

The Identity Attack Surface: How Credential Compromise Enables Lateral Movement

APA Citation

Hayes, M. & Lindqvist, J. (2024). The Identity Attack Surface: How Credential Compromise Enables Lateral Movement. *Network and Distributed System Security Symposium*.

View source →

What Did This Cybersecurity Research Find?

Key Findings

1Credential-based attacks were the primary lateral movement method in 82% of penetration tests
2MFA implementation blocked 64% of credential replay attacks
3Privileged access management (PAM) solutions reduced attack path availability by 57%
4Kerberoasting and AS-REP roasting were successful in 48% of Active Directory environments
5Identity-focused defenses blocked 78% of paths to domain admin in tested environments

How Does This Apply to Cybersecurity Careers?

Identity security is becoming a distinct career specialization. Penetration testers and defensive security engineers both benefit from understanding credential-based attack paths.

Who Should Read This?

mid careersenior

Frequently Asked Questions

What did this cybersecurity research find?

How is this research relevant to cybersecurity careers?

Identity security is becoming a distinct career specialization. Penetration testers and defensive security engineers both benefit from understanding credential-based attack paths.

Where was this cybersecurity research published?

This study was published in Network and Distributed System Security Symposium in 2024. Access the original paper through the publisher link above.

Get cybersecurity career insights delivered weekly

Join cybersecurity professionals receiving weekly intelligence on threats, job market trends, salary data, and career growth strategies.

Get Cybersecurity Career Intelligence

Weekly insights on threats, job trends, and career growth.

Unsubscribe anytime. More options