Windows Event Logs - Zero to Hero

Offered By: YouTube

Tags

Conference Talks Courses, Cybersecurity Courses, PowerShell Courses, Security BSides Courses, Windows Security Courses, Windows Event Logs Courses

Course Description

Overview

Explore Windows Event Logs in depth through this 48-minute conference talk from BSides Detroit 2017. Learn about Windows Event Forwarding, setting up a Cuckoo malware lab, and the differences between alerting and exploring. Dive into practical examples including Deep Panda analysis, task scheduling, bad login detection, and PowerShell monitoring. Discover techniques for wireless attack detection, Event Tracing for Windows, and effective log monitoring strategies. Gain insights into recommended Group Policy Objects (GPOs) and valuable tips for handling one-offs and gotchas in Windows event logging.

Syllabus

Windows Event Logs? Really?
#1 Most Important Prereq
Windows Event Forwarding
Description of our Cuckoo Malware Lab
Alerting vs. Exploring
Continued... (Deep Panda Sample)
Task Scheduling (4698 OR 106)
Bad Logins (4776)
Event Tracing for Windows
PowerShell
Wireless Attacks & Misuse
Few More Hunting Possibilities
Monitor Your Monitoring
One-offs, Gotchas, and Recommendations
Recommended GPOs
Questions?
