In this post Jessica Payne writes about how to use the built-in Windows Event Forwarding components of Windows, some PowerShell scripts, and PowerBI desktop to create a fast, free, and effective console for diagnosing problems and finding Indicators of Attack in a network.
How To Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI