#endpoint-security

Articles tagged with #endpoint-security

Sysmon | Endpoint Monitoring | Logs analysis | Tryhackme Write-up
Sysmon is a Windows system monitoring tool that logs detailed events like process creation, network connections, file changes, DLL loads, and registry modifications into Windows Event Logs for threat hunting and forensics. Sysmon don’t collect every...
Oct 20, 20258 min read4
Windows Events Challenge 1 | TCM Security Write-up
Instructions: After noticing abnormal behavior on a Windows workstation, you have been provided with the challenge.evtx Security Event log file to analyze as part of an incident response investigation. Your task is to examine the log file and answer ...
Oct 20, 20253 min read4