Establishing Connections: Illuminating Remote Access Artifacts in Windows
All too often during an investigation, it comes to light that adversaries are leveraging existing remote access tools for initial access and lateral movement. This trend is continuously on the rise and tends to go unnoticed due to the lack of available logging or not understanding what the available logs provide. This talk will not only address the aforementioned, but I also will be sharing custom tools that have proved to be beneficial in analysis against some of the most sophisticated actors. Walking away, attendees will be able to use these capabilities in their own environment and be better postured to identify maliciousness.
Certificates
After viewing this webinar, you can download a certificate of completion from the event console.