19 hours ago6 minSUM UAL - Investigating Server Access with User Access LoggingLearn what the SUM UAL database is and how it can help make or break DFIR analysis.
Mar 284 minMinimizing Malicious Script ExecutionLearn some quick wins to minimize malicious script execution.
Mar 115 minEvidence of Program Existence - AmcacheLearn the mystery of the Amcache artifact and how to use it in your DFIR cases