Automating with PowerShell is a favorite amongst security teams and hackers alike. Many modern attacks leverage PowerShell to evade antivirus, whitelisting, and other security products and technology.
This webcast will share ways a SIEM can detect modern PowerShell attacks. Techniques discussed include quick wins and more detailed practices, addressing false positives and high volumes of PowerShell logs. Take a deeper dive into PowerShell monitoring and advanced endpoint analytics with SANS Instructors Justin Henderson
Webcast Series: Catch the Bad Guys with SIEM