Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Reverse Engineering for Enhanced Windows Visibility

Ekoparty Security Conference via YouTube

Overview

Explore advanced techniques for expanding Osquery's capabilities and enhancing Windows visibility in this 47-minute conference talk from Ekoparty 2023. Delve into creative solutions for addressing missing Windows visibility in Osquery, including reverse-engineering secedit.exe to gain insights into obscure security policies. Learn how implementing ETW tracing can provide event-driven insights into Windows subsystems. Discover practical approaches to extend Osquery's reach and achieve deeper visibility into Windows environments. Presented by Marcos Oviedo from BlueSpace, this talk offers valuable insights for security professionals and system administrators looking to improve their Windows monitoring capabilities.

Syllabus

Reverse Engineering for Enhanced Windows Visibility - Marcos Oviedo // BlueSpace - Ekoparty 2023

Taught by

Ekoparty Security Conference

Reviews

Start your review of Reverse Engineering for Enhanced Windows Visibility

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.