Simran Karki

Simran Karki is an experienced SOC Analyst who has been working in defensive security for over 2 years. She has consistently demonstrated exceptional performance in her role, showing a keen eye for detail and a thorough understanding of security threats and how to prevent them. Her expertise includes monitoring and analyzing security events, managing incidents, and implementing effective security measures to protect against cyber attacks.

Threat Hunting with Windows Event Logs
March 9, 2023

Table Of Contents

- Introduction
- Event log structure in Windows
- About Tools
- Logon Activity
- Groups
- Account Logon
- Enumeration
- Remote Desktop Connection (RDP)
- Network Share
- Schedule Tasks
- Services
- PowerShell
- WMI
- Removable Devices
- Log Clearing Detection
- About SayCure
- Hunting Approaches with SayCure

Failed Logins

Large numbers of failed logins from a single source within a short period of time.