Coursera Plus Annual is 40% Off — Ends July 6.
Supercharge Your SOC with Sysmon

Supercharge Your SOC with Sysmon

via YouTube Direct link

Investigation with PowerShell & Excel

17 of 24
Previous
Next

17 of 24

Investigation with PowerShell & Excel

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Supercharge Your SOC with Sysmon

Automatically move to the next video in the Classroom when playback concludes
  1. 1 Intro
  2. 2 What's happening on our endpoints?
  3. 3 Sysmon Visibility
  4. 4 Getting Started with Sysmon
  5. 5 Swift vs. SIG Sysmon Config
  6. 6 Transporting Logs with WEC
  7. 7 SIEM Integration
  8. 8 What kinds of badness can we detect?
  9. 9 Malicious Microsoft Word Macro Payload
  10. 10 Malicious PowerShell Execution
  11. 11 Rubber Ducky and Mouse Jacking Attacks
  12. 12 Sticky Keys Attack
  13. 13 Lateral Movement with WMI
  14. 14 Lateral Movement with PsExec
  15. 15 Lateral Movement with Sneaky PsExec
  16. 16 Dumping Credentials from Memory
  17. 17 Investigation with PowerShell & Excel
  18. 18 Malspam with Word Macro
  19. 19 Malspam SIEM Alert
  20. 20 Getting Sysmon Events via PowerShell
  21. 21 Adding Sysmon Fields to Events Properties
  22. 22 Interacting with Excel via PowerShell
  23. 23 Advanced Analytics with Spoor
  24. 24 How can you get started with Sysmon?

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.