Endpoint Detection Super Powers on the Cheap with Sysmon
Offered By: YouTube
Course Description
Overview
Explore advanced endpoint detection techniques using Sysmon in this 26-minute conference talk from Derbycon 2019. Gain insights into cost-effective methods for enhancing your cybersecurity capabilities as Olaf Hartong delves into topics such as attack support, data source references, and the evolution of Sysmon features. Learn about directory structures, name annotation, and data voyager tools to improve your investigative workflow. Discover how to overcome challenges in app structure, reporting, and filtering, while also understanding network connections. Conclude with a roadmap for future developments in endpoint detection and response.
Syllabus
Introduction
Todays topic
Why am I here
Disclaimer
Attack
Support
Data Source Reference
History of Statements
New Features
Directory Structure
Name Annotation
Data Voyager
Investigative Workflow
Challenges
App Structure
Reporting
Filtering
Network Connections
Roadmap
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network