Thursday, January 20, 2022

No Logs? No Problem! Incident Response without Windows Event Logs

By Dray Agha

In this article, we discuss some Digital Forensics and Incident Response (DFIR) techniques you can leverage when you encounter an environment without Windows event logs.

Where are the logs?

At JUMPSEC, we regularly respond to security incidents with ineffective logging and auditing for the purposes of a cyber incident. In some cases, organisations we encounter don’t have any recognisable SIEM or centralised log repository. In others, organisations with otherwise sufficient loggin…

Read More

Latest news
Related news