Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore advanced techniques for detecting and tracing adversarial activities using Event Tracing for Windows (ETW) in this informative conference talk from Derbycon 7. Delve into practical demonstrations covering process and thread monitoring, PowerShell command tracking, script block capturing, domain lookup analysis, child process detection, file I/O monitoring, and thread tracking. Gain valuable insights into enhancing your cybersecurity defenses and improving your ability to identify and respond to potential threats in Windows environments.