mchurchill
The Importance of Logs
Across all of the nation-state targeted attacks, insider thefts, and criminal enterprises that CrowdStrike has investigated, one thing is clear: logs are extremely important. Event logs from individua[…]
Parsing Sysmon Events for IR Indicators
Intro and Installation: A dedicated endpoint monitoring tool is quickly becoming a necessity among organizations to increase visibility, logging, and alerting to combat targeted attacks and commodity m[…]