Windows Event Logs store an increasingly rich set of data. This reference walks you through configuring, storing and analyzing Windows events.
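As an added example of the kind of analysis the reference covers (this is not code from the Applied Incident Response reference itself), the script below pulls successful logons (Event ID 4624) from the local Security log, parses the event XML, and summarizes network and RDP logons by account and source address. It assumes an elevated session on a host whose Security log is readable; the 24-hour window and the logon-type filter are choices made here, not values from the page.

```powershell
# Added example: summarize successful network (type 3) and RDP (type 10) logons
# from the local Security log over the last 24 hours (assumed window).
$filter = @{
    LogName   = 'Security'
    Id        = 4624                      # An account was successfully logged on
    StartTime = (Get-Date).AddDays(-1)
}

function Get-RemoteLogonSummary {
    Get-WinEvent -FilterHashtable $filter -ErrorAction Stop |
        ForEach-Object {
            # Named fields live in EventData/Data elements; pull them into a hashtable.
            $xml  = [xml]$_.ToXml()
            $data = @{}
            foreach ($node in $xml.Event.EventData.Data) { $data[$node.Name] = $node.'#text' }
            [pscustomobject]@{
                Time      = $_.TimeCreated
                Account   = "$($data.TargetDomainName)\$($data.TargetUserName)"
                LogonType = [int]$data.LogonType
                SourceIp  = $data.IpAddress
                Process   = $data.ProcessName
            }
        } |
        Where-Object { $_.LogonType -in 3, 10 } |     # 3 = network, 10 = RemoteInteractive (RDP)
        Group-Object Account, SourceIp |
        Sort-Object Count -Descending |
        Select-Object Count, Name
}

Get-RemoteLogonSummary | Format-Table -AutoSize
```

Accounts that appear with many distinct source addresses, or machine-to-machine logons from workstations that never normally initiate them, are the rows worth pivoting on; the same parsing pattern works for any event whose interesting fields are only in EventData.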
The battle for our boxes is increasingly being fought in RAM. Learn to use Volatility to hunt for evil on your systems.
Quick reference on normal Windows system processes, including each executable's path on disk, the usual process tree (the expected parent of each process), and a description of what each process does. Useful during memory analysis and system triage.
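To show how such a reference is used in live triage, here is an added example (not code or data from the quick reference PDF): it compares running processes against a small baseline of expected image paths and parent processes and reports any that deviate. The baseline entries are standard Windows behaviour assumed here, not values copied from the page, and the script must run elevated for `ExecutablePath` to be populated on system processes.

```powershell
# Added example: flag core Windows processes whose image path or parent process
# does not match the expected baseline. Baseline values are assumptions based on
# standard Windows behaviour; extend the table from your own reference material.
$sys32 = Join-Path $env:SystemRoot 'System32'
$baseline = @{
    'svchost.exe'  = @{ Path = (Join-Path $sys32 'svchost.exe');  Parent = 'services.exe' }
    'lsass.exe'    = @{ Path = (Join-Path $sys32 'lsass.exe');    Parent = 'wininit.exe' }
    'services.exe' = @{ Path = (Join-Path $sys32 'services.exe'); Parent = 'wininit.exe' }
    'csrss.exe'    = @{ Path = (Join-Path $sys32 'csrss.exe');    Parent = $null }  # parent smss.exe has exited
    'winlogon.exe' = @{ Path = (Join-Path $sys32 'winlogon.exe'); Parent = $null }  # parent smss.exe has exited
    'explorer.exe' = @{ Path = (Join-Path $env:SystemRoot 'explorer.exe'); Parent = $null }  # userinit.exe has exited
}

function Find-ProcessAnomaly {
    $procs = Get-CimInstance Win32_Process
    $byPid = @{}
    foreach ($p in $procs) { $byPid[[int]$p.ProcessId] = $p }

    foreach ($p in $procs) {
        $rule = $baseline[$p.Name]          # hashtable keys are case-insensitive
        if (-not $rule) { continue }
        $findings = @()

        # Image path check (-ne is case-insensitive in PowerShell).
        if ($p.ExecutablePath -and $p.ExecutablePath -ne $rule.Path) {
            $findings += "path $($p.ExecutablePath)"
        }

        # Parent check, only where the expected parent is normally still alive.
        if ($rule.Parent) {
            $parent     = $byPid[[int]$p.ParentProcessId]
            $parentName = if ($parent) { $parent.Name } else { '<exited>' }
            if ($parentName -ne $rule.Parent) {
                $findings += "parent $parentName (expected $($rule.Parent))"
            }
        }

        if ($findings) {
            [pscustomobject]@{ PID = $p.ProcessId; Name = $p.Name; Issue = ($findings -join '; ') }
        }
    }
}

Find-ProcessAnomaly | Format-Table -AutoSize
```

A `svchost.exe` running from a user-writable directory, or one whose parent is anything other than `services.exe`, is the classic finding this check surfaces; an empty result means only that these specific processes look normal, not that the host is clean.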
High-profile tools like Empire and Death Star harness PowerShell for offensive purposes. This presentation examines ways that IT security professionals can leverage PowerShell to protect their own assets.
Modern attackers are like ninjas, stealthily skulking in the shadows, using existing tools to blend in with everyday network activity. This presentation accompanies our Lateral Movement Analysis Analyst Reference PDF to highlight ways to detect and defeat these hidden adversaries.
Bring Your Own Device is a paradigm that allows employees to access critical data from almost anywhere using devices that cost the employer nothing. Or do they? We'll take a look at many of the challenges and assumptions that have gone into BYOD policies, or lack thereof, and take a moment to evaluate how reasonable our rush to embrace this approach has been. We'll consider technical challenges such as vulnerability management, mobile device management platforms, and mobile device forensic challenges and look at what countermeasures we can employ to acknowledge and address the reality of this model.
Copyright © 2019 Applied Incident Response - All Rights Reserved.