Lateral movement is defined as the movement of attackers within an organization's infrastructure. This could either be "to gain additional credentials" or to "steal data". The attacker may use different tools and techniques allowing them to move laterally through a network to map the system.