Syllabus
Intro
What's happening on our endpoints?
Sysmon Visibility
Getting Started with Sysmon
Swift vs. SIG Sysmon Config
Transporting Logs with WEC
SIEM Integration
What kinds of badness can we detect?
Malicious Microsoft Word Macro Payload
Malicious PowerShell Execution
Rubber Ducky and Mouse Jacking Attacks
Sticky Keys Attack
Lateral Movement with WMI
Lateral Movement with PsExec
Lateral Movement with Sneaky PsExec
Dumping Credentials from Memory
Investigation with PowerShell & Excel
Malspam with Word Macro
Malspam SIEM Alert
Getting Sysmon Events via PowerShell
Adding Sysmon Fields to Events Properties
Interacting with Excel via PowerShell
Advanced Analytics with Spoor
How can you get started with Sysmon?