How to optimize Windows event logging to better investigate attacks
After a compromise, the first thing investigators will do is review the log files. The default logging on Windows machines, however, does not capture enough information to identify forensic artifacts....
5 best practices for designing application logs
Veronica Schmitt started to wear an implantable cardiac device when she was 19. A few years ago, although the small defibrillator appeared to be working properly, she felt sick. "I kept passing out,...
How Windows admins can get started with computer forensics
The recent cybersecurity symposium that aimed to “prove” the 2020 US election was a fraud made headlines not because of evidence found, but rather the absence of evidence. As I watched the three-day...
Ransomware, endpoint risks are top concerns for DFIR professionals
The rise of ransomware attacks that occurred after the global pandemic in March 2020 remains a problem. However, ransomware is not the only threat. According to a new report from IDC and Magnet...