Description

Windows event logs provide a fundamental source for host-based threat hunting. In this edition of #TechTalkTuesday, we explore one of the most powerful event IDs for finding popular nation-state and other hacking groups’ initial access and lateral movement techniques. We also talk about how to scale hunting through event logs with Elasticsearch and Kibana.