How To Threat Hunt for Malicious Account Usage Using the Windows Event Logs

Search …

Platform
Services
Company
Resources
Login

Your cart is currently empty!

Book A Demo

Search …

Platform
Services
Company
Resources
Login

Tech Talk Tuesday / Leave a Comment / 1 minute of reading

How To Threat Hunt for Malicious Account Usage Using the Windows Event Logs

Description

The Windows event logs are a powerful funnel point for identifying hackers that leverage Windows accounts for access, lateral movement, and in other attack stages. In this edition of #TeckTalkTuesday, we explore logs within the advanced audit policy settings you can add to your threat hunting and incident response program to uncover attacker use of both domain-joined and local Windows accounts.

Post navigation

← Previous Post

PutDownYourDukes_HuntingForHackingGroups

Put Down Your Dukes: Hunting For Hacking Group APT 29/APT 37/APT 40’s Covert Data Exfiltration

Tech Talk Tuesday

Threat Hunting for No-Key-Theft-Required Attacks in Trusted Binaries [MITRE ATT&CK T1553.002]

Tech Talk Tuesday

UsingMITRE-ATTACK-ForEnterpriseAndATT_CK-ForICS-InIndustrialEnvironmentspng

Using MITRE ATT&CK for Enterprise and ATT&CK for ICS in Industrial Environments (ft Ron Fabela)

Tech Talk Tuesday

Leave a Comment Cancel Reply

Your email address will not be published. Required fields are marked *

Type here..

Name*

Email*

Website

Save my name, email, and website in this browser for the next time I comment.

How To Use FTK Imager To Take Disk And Memory Images For Free
IR Plan, Policy & Procedures Part 3: How To Write a Cybersecurity Incident Response Procedures
IR Plan, Policy & Procedures Part 2: How To Write a Cybersecurity Incident Response Policy

Be Notified of Future Posts

Share This Post

Contact Us
Blog
Store
My account

Scroll to Top

How To Threat Hunt for Malicious Account Usage Using the Windows Event Logs

Description

Related Posts

Leave a Comment Cancel Reply