SANS DFIR Webcast - Incident Response Event Log Analysis 

With Velociraptor deployments on Debian clouds...DFIR tech has really stepped up the game in a huge way!

Very nice video to go through the basics. Thank you very much.

Thank you so much for this video, this is so old but still a gold, i always have a confusion about reading any security log files to find the vulnerabilities and trojans or viruses. i wish if you can make another video a lot in detail.

excellent video, the speaker did a great job.

Love this, very informative

Perfect points to make me get it, many thanks!

Well done, thanks

Fantastic training but I can't find the recommended log alerts settings

When systems become too complicated, thats when the most basic attack becomes effective and vice versa

was this investigation conducted using the compromised machine or did you use SIFT?

On like :)

This video is a bit dated. But it wasn't long after this video was produced that Microsoft triggered the control algorithms that they had been working on for many years, and started changing computers two Windows 10 without permission from users. By this point, anyone who doesn't realize that Microsoft is patient zero, as it is called in this video, is either Clueless or scared of Microsoft. No, they will never plant files called malicious. Anything. but any file that starts with the name trusted is a dead giveaway as to being a major component in the first malware driven operating system in history.

So how do you install Fallout2.exe on a Windows 10 from just the files off the disk because you have a copy but don't know where your usb disk drive is or let alone the disk yet haven't tried finding either because well. Log(s)🧗‍♂️ hahahahaha. I'm serious though, I'm sure you've gotta have the answer I'm looking for.