[PowerShell edition] What the log?! So many events, so little time… Miriam Wiesner - PSCONFEU 2020

Подписаться 5 тыс.

Просмотров 1,6 тыс.

50% 1

Detecting adversaries is not always easy. Especially when it comes to correlating Windows Event Logs to real-world attack patterns and techniques.
Join me to find out how to match Windows Event Log IDs with the MITRE ATT&CK framework and methods to simplify the detection in your environment.
The PowerShell edition: see how to correlate events not only via the GUI, now you can automate it..!

Опубликовано:

18 сен 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 2

@daviddasneves8050 4 года назад

Good job ;)

@basantsingh6404 3 года назад

I have installed eventList and i can see it in available lists However, when i try to launch the gui. I get below error. Any suggestion ? Open-EventListGUI : The 'Open-EventListGUI' command was found in the module 'EventList', but the module could not be loaded. For more information, run 'Import-Module EventList'. At line:1 char:1 + Open-EventListGUI + ~~~~~~~~~~~~~~~~~ + CategoryInfo : ObjectNotFound: (Open-EventListGUI:String) [], CommandNotFoundException + FullyQualifiedErrorId : CouldNotAutoloadMatchingModule