Microsoft Defender for Identity is focused on protecting on-premises identities and allowing security analysts to pinpoint vulnerabilities before an attack can occur. A key feature that allows analysts to achieve this is by viewing the evidence relates tolateral movement paths in Defender for Identity. This information is provided through a visual guide that break downs the possible ways an advisory can move throughout an organization by compromising credentials.
A lateral movement occurs when an attacker begins to use non-sensitive accounts to gain access to sensitive entities - think a domain admin or a server containing sensitive information. If an attacker is successful in compromising sensitive entities, they can traverse the environment and eventually gain domain dominance.