Description: A typical organization sees anywhere from scores to thousands of alerts daily. Many of those alerts indicate a variety of problems with hosts. An all-too-common approach is to reimage affected systems. Unsurprisingly, this is the equivalent of playing whack-a-mole. At the other end of the spectrum, the host undergoes a forensic examination taking days of effort. Fortunately, there is a middle ground. In this talk we'll focus on techniques to conduct quick yet effective examinations of Windows hosts. In many cases we can use these methods to confirm or disprove a breach situation and determine root cause in minutes, not days.
For more information, please visit: http://www.securitybsides.com/w/page/77739272/BSidesAugusta%202014
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.