A Graph Learning-Based Approach for Lateral Movement Detection


Abstract:

Lateral movement, a crucial phase in the Advanced Persistent Threat (APT) life cycle, refers to a strategy employed by adversaries to traverse horizontally within a network. The aim is to gain access to various systems or resources, thereby expanding their control and potential access to valuable targets. Detecting these attacks is challenging for conventional detection systems due to various factors, including the complexity of pathways, the mimicking of legitimate user behavior by attackers, and limited network visibility. To address these challenges, advanced detection techniques are required to effectively and dynamically analyze multiple features within the interconnected structure of the network. This paper introduces an innovative approach to detect malicious lateral movement paths by leveraging authentication events and graph learning techniques. The proposed method involves constructing a heterogeneous graph and employing DeepWalk for node embedding. By combining node embedding features with the temporal information of authentication events, feature vectors are generated for each authentication request. These features are then used to train multiple machine learning-based classifiers to detect malicious lateral movement paths. Furthermore, to assess the model’s performance in a more realistic scenario, a series of additional experiments were conducted. These experiments provided further validation of the model’s robustness and its capability for forward prediction.
Published in: IEEE Transactions on Network and Service Management (Volume: 21, Issue: 5, October 2024)
Page(s): 5361 - 5373
Date of Publication: 13 June 2024
