Detecting Lateral Movement through Tracking Event Logs (Version 2) Logo

Detecting Lateral Movement through Tracking Event Logs (Version 2)

0
Free
Visit Website

This report is intended for incident investigation and explains what logs are recorded and what files are created upon execution of tools/commands that are often used in lateral movement. Updated Contents: This report is intended for incident investigation and explains what logs are recorded and what files are created upon execution of tools/commands that are often used in lateral movement. While the previous report mainly focused on investigation on event logs and registry entries, this updated report also covers other types of logs and files that are created during lateral movement. The report includes analysis results of various tools and commands that are likely used by attackers in lateral movement, and provides information on how to identify and analyze these tools and commands. The report is intended for incident responders, security analysts, and other professionals who are involved in incident response and incident investigation.

FEATURES

ALTERNATIVES

A custom activity repository for Ayehu NG automation platform, allowing users to create and modify activities to fit their specific needs.

CBRX is a cloud-based platform that automates incident analysis and reporting for cybersecurity teams.

Network Intelligence is a cybersecurity services provider offering comprehensive security solutions through their ADVISE framework, including detection and response, compliance, data privacy, and secure digital transformation services across multiple industries.

Receive important notifications and updates related to North American electric grid security.

Python command line utility for incident response in AWS

CrowdStrike Charlotte AI is a conversational AI assistant that accelerates security operations by automating tasks and providing faster intelligence through generative AI capabilities.

An AI-powered SOC automation platform that performs autonomous alert triage, investigation, and incident response while augmenting human analyst capabilities.

Tool to disable vulnerable features in Windows and popular applications for enhanced security.