Skip to content

Cyber Security | Samuel Alonso

About
Books
Digital Attack Maps
Disclaimer

analysis, APT, Cyber Defense, cyberthreat, Incident response, malware, SOC, Threat Hunting

The top 10 windows logs event’s used to catch hackers

Posted by Samuel Alonso on September 23, 2016December 5, 2016

Very interesting presentation by Michael Gough from SecureWorks. It goes through some malware attack examples and the importance of the windows event id’s for their detection. Another must read.

The top 10 windows logs event id's used v1.0 from Michael Gough

Advertisements

Share this:

Twitter
Facebook
Email
LinkedIn
Reddit
Tumblr
WhatsApp
More

Print
Pinterest
Pocket

Like this:

Like Loading...

Related

DFIR Incident Reseponse Michael Gough SecureWorks Threat Hunting windows event ids

Post navigation

Previous Post Windows Commands abused by attackers (Japan CERT)

Next Post Lateral Movement Artefacts

One Comment Add yours

Pingback: Week 38 – 2016 – This Week In 4n6

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Google account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Connecting to %s

Notify me of new comments via email.

Notify me of new posts via email.

Translate

Follow me on Twitter

Top Posts & Pages

Network Forensics - Traffic Analysis (1)
Digital Attack Maps
Intrusion Detection with Windows Event ID's
Cyber Threat Hunting (1): Intro
Cyber Threat Hunting (3): Hunting in the perimeter
Computer network defense operations, disrupting the enemy's attack
Cyber Threat hunting with Sqrrl (From Beaconing to Lateral Movement)
The top 10 windows logs event's used to catch hackers
Network Forensics - Traffic Analysis (2)
Detecting Lateral movement through event logs

Follow Blog via Email

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 34 other followers

Archives

Archives

Follow on WordPress.com

Category Cloud

analysis APT Book cyber collaboration cyber deception Cyber Defense cyberespionage cyber intelligence cyber operations cyber strategy cyberthreat cyberwar cyber warfare DFIR Digital Forensics forensics general Incident response intelligence driven defence intelligence driven defense Intelligence Driven Incident Response malware network forensics Security Analytics SOC Theat Intelligence Threat Hunting traffic analysis Uncategorized whitepaper

Create a free website or blog at WordPress.com.

Send to Email Address Your Name Your Email Address

Cancel

Post was not sent - check your email addresses!

Email check failed, please try again

Sorry, your blog cannot share posts by email.

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

%d bloggers like this: