Many organizations do not monitor for additions to the Windows Registry that could be used to trigger autostart execution on system boot or logon. This allows adversaries to launch programs that run at higher privileges and paves the way for more damaging activity. Learn how to detect and mitigate this activity to secure your network.
You will be able to identify and validate critical threats related to threat actor attempts to exfiltrate your organization's valuable data and potentially attempt to extort your organization for financial gain.
You will be able to use a SIEM tool to identify indicators of compromise and validate whether they should be investigated further.
You will learn response and mitigation recommendations to keep your organization safe.