Episode 8 - Hidden Digital Forensic Logging For Cybersecurity On Any Budget: Practical Strategies For Enhanced Detection And Prevention Using Sysmon, Blocking Data Exfil With Group Policy And Printer Forensics TLP - The Digital Forensics podcast

Artwork

Tech Clint Marsden DFIR Incident Response Forensic Cyber Windows Hacking Blue Teaming Red Team Auscert

Innhold levert av Clint Marsden. Alt podcastinnhold, inkludert episoder, grafikk og podcastbeskrivelser, lastes opp og leveres direkte av Clint Marsden eller deres podcastplattformpartner. Hvis du tror at noen bruker det opphavsrettsbeskyttede verket ditt uten din tillatelse, kan du følge prosessen skissert her https://no.player.fm/legal.

TLP - The Digital Forensics Podcast « »
Episode 8 - Hidden digital forensic logging for Cybersecurity on Any Budget: Practical Strategies for Enhanced Detection and Prevention Using Sysmon, Blocking Data Exfil with group policy and printer forensics

2M ago 19:57

Del

MP3•Episoder hjem

Innhold levert av Clint Marsden. Alt podcastinnhold, inkludert episoder, grafikk og podcastbeskrivelser, lastes opp og leveres direkte av Clint Marsden eller deres podcastplattformpartner. Hvis du tror at noen bruker det opphavsrettsbeskyttede verket ditt uten din tillatelse, kan du følge prosessen skissert her https://no.player.fm/legal.

In this episode, Clint Marsden goes straight into 4 practical strategies that enable better forensics and stop data exfiltration, no matter the size of your budget.
Clint covers deploying Sysmon for enhanced monitoring, and using Group Policy to tighten print and USB security.

Event log cleared: Event ID 1102
ACSC Sysmon: https://github.com/AustralianCyberSecurityCentre/windows_event_logging
Swift on security Sysmon: https://github.com/SwiftOnSecurity/sysmon-config
Printer forensics: https://eventlogxp.com/blog/how-to-track-printer-usage-with-event-logs/

… continue reading

14 episoder

#Tech #Clint Marsden #DFIR #Incident Response #Forensic #Cyber #Windows #Hacking #Blue Teaming #Red Team #Auscert

Artwork

Episode 8 - Hidden digital forensic logging for Cybersecurity on Any Budget: Practical Strategies for Enhanced Detection and Prevention Using Sysmon, Blocking Data Exfil with group policy and printer forensics

TLP - The Digital Forensics Podcast

published 2M ago

Del

MP3•Episoder hjem

Innhold levert av Clint Marsden. Alt podcastinnhold, inkludert episoder, grafikk og podcastbeskrivelser, lastes opp og leveres direkte av Clint Marsden eller deres podcastplattformpartner. Hvis du tror at noen bruker det opphavsrettsbeskyttede verket ditt uten din tillatelse, kan du følge prosessen skissert her https://no.player.fm/legal.

In this episode, Clint Marsden goes straight into 4 practical strategies that enable better forensics and stop data exfiltration, no matter the size of your budget.
Clint covers deploying Sysmon for enhanced monitoring, and using Group Policy to tighten print and USB security.

Event log cleared: Event ID 1102
ACSC Sysmon: https://github.com/AustralianCyberSecurityCentre/windows_event_logging
Swift on security Sysmon: https://github.com/SwiftOnSecurity/sysmon-config
Printer forensics: https://eventlogxp.com/blog/how-to-track-printer-usage-with-event-logs/

… continue reading

14 episoder

#Tech #Clint Marsden #DFIR #Incident Response #Forensic #Cyber #Windows #Hacking #Blue Teaming #Red Team #Auscert

Alle episoder

×

Velkommen til Player FM!

Player FM scanner netter for høykvalitets podcaster som du kan nyte nå. Det er den beste podcastappen og fungerer på Android, iPhone og internett. Registrer deg for å synkronisere abonnement på flere enheter.

Lytt til 500+ tema