Background

The first two parts were about observing a process: what is it doing? Part 1 touched on Windows Process Auditing and Part 2 covered Sysmon. This part illustrates how we can use events from Event Tracing for Windows to disrupt malicious Code-...
Technologist specialising in Cyber Defense