IR Event Log Analysis

  • Monday, 02 Feb 2015 1:00PM EST (02 Feb 2015 18:00 UTC)
  • Speaker: Hal Pomeranz

Windows event logs contain a bewildering variety of messages. But homing in on a few key events can quickly profile attacker activity.

From administrator logins, to scheduled tasks, to entries related to system services, and more, the event logs are a one-stop shop.

Learn to "crack the code" and enhance your investigations by adding event log analysis to your toolset.