Case Study: a global public manufacturing company stops lateral movement with Silverfort

Lateral Movement Prevention with MFA and Service Account Protection

Global Public Manufacturing company, a public global manufacturer with facilities in eight countries, needed stronger protection against ransomware-driven lateral movement after identifying a critical gap in its ability to stop attackers who had already obtained privileged credentials. The company turned to Silverfort to help secure its Active Directory environment, especially for admin users and high-privileged service accounts.

Silverfort implemented MFA and access-blocking policies across RDP and command-line tools such as PsExec and PowerShell, extending protection to both human admins and service accounts. In May 2022, Silverfort blocked an unusual spike of 22 denied MFA requests tied to two admin accounts and later detected anomalous service account activity, which led the customer to quarantine affected systems, reset credentials, and stop the attack before domain dominance was reached. Silverfort’s real-time protection contained the intrusion, prevented further lateral movement, and gave the security team the information needed for rapid incident response.