PowerShell Audit Logging Deep Dive
Catch Intruders Living off the Land and Enforce Privileged User Accountability PowerShell is like nuclear fission — it’s powerful, and it can be used for good and evil. PowerShell is one of the best post-exploitation tools out there simply because it’s…
Read More
February 16, 2016
Using Windows AppLocker for Immediate Detection of Unauthorized Software
AppLocker is Window’s built-in application whitelisting technology. Despite AppLocker requiring a lot of planning, research and commitment to ongoing care and feeding, in audit mode the application has unlocked potential. Audit mode, provides a really cool way to know immediately…
Read More
December 15, 2015