IR Event Log Analysis

  • Webcast Aired Monday, February 2, 2015 at 1:00 pm EST (2015-02-02 18:00:00 UTC)
  • Speaker: Hal Pomeranz

Windows event logs contain a bewildering variety of messages. But homing in on a few key events can quickly profile attacker activity.

From administrator logins, to scheduled tasks, to entries related to system services, and more-- the event logs are a one-stop shop.

Learn to \crack the code" and enhance your investigations by adding event log analysis to your toolset.