DFIR

Artifacts of Execution: Prefetch - Part One

Learn how to identify what programs were executed during an incident with the Prefetch artifact

Cloud Incident Response: Investigating AWS Incidents

Learn the basics of AWS investigations and the logs that exist.

Sysmon: When Visibility is Key

Learn why visibility is everything when responding to an incident.

A LNK To The Past: Utilizing LNK Files For Your Investigations

We've all heard of "Link" or "LNK" files, right? You want a faster way to open your favorite game, document or application without need...

We love automation, right? Subscribe to get notifications from us.