Threat Hunting with Windows Event Forwarding

Course
Time
1 hour 21 minutes
Difficulty
Beginner
CEU/CPE
2
Create Free Account

Up Next

04:58
1.2 Native Windows Event Forwarding
07:42
2.1 Group Policy for Event Collection
09:53
2.2 Microsoft System Monitor (SysMon)
06:23
2.3 Which Events to log for the Threat Hunt Part 1
07:54
2.4 Which Events to log for the Threat Hunt Part 2

Threat Hunting with Windows Event Forwarding

In this course we will learn about an approach to collect events from windows devices in both normal operations and when an intrusion is suspected. We will use Windows Event Forwarding (WEF) natively built into Windows for Incident detection while sharing our learnings and step-by- step instructions with WEF configuration and management workflows.

Instructed By

Instructor Profile Image
Gurvinder Singh
Information Security Manager at American Psychological Association
Instructor