This webcast was originally published on September 12, 2024.   In this video, Kirsten Gross and James Marrs discuss how logging strategies can affect cyber investigations, specifically focusing on Windows logs. […]

The post How Logging Strategies Can Affect Cyber Investigations w/ Kiersten & James  appeared first on Black Hills Information Security, Inc..

Jordan Drysdale // UPDATES! October 30, 2023There’s been an additional update for Sysmon! Event ID 29! Another Event ID (EID) was added to the Sysmon service. This event ID followed […]

The post A Sysmon Event ID Breakdown – Updated to Include 29!! appeared first on Black Hills Information Security, Inc..

BHIS’ Defensery Driven Duo Delivers Another Delectable Transmission! We know you are worried about your networks. After hours of discussion, we’ve come to the realization that some of our dedicated […]

The post Webcast: Let’s Talk About ELK Baby, Let’s Talk About You and AD appeared first on Black Hills Information Security, Inc..

On this webcast, we’ll guide you through an iterative process of building and deploying effective and practical Group Policy Objects (GPOs) that increase security posture. Slides for this webcast can […]

The post Webcast: Group Policies That Kill Kill Chains appeared first on Black Hills Information Security, Inc..

John Strand // In this blog, I want to walk through how we can set up Sysmon to easily get improved logging over what we get from normal (and just […]

The post Getting Started With Sysmon appeared first on Black Hills Information Security, Inc..

Click on the timecodes to jump to that part of the video (on YouTube) Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_WindowsLogginSysmonELK.pdf 4:36 Problem Statement and Executive Problem Statement 9:00 […]

The post Webcast: Windows logging, Sysmon, and ELK appeared first on Black Hills Information Security, Inc..

Click on the timecodes to jump to that part of the video (on YouTube) Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_ImplementingSysmonAppLocker.pdf 5:03 Introduction, problem statement, and executive problem […]

The post Webcast: Implementing Sysmon and Applocker appeared first on Black Hills Information Security, Inc..

Kent Ickler & Jordan Drysdale // BHIS Webcast and Podcast This post accompanies BHIS’s webcast recorded on August 7, 2018, Active Directory Best Practices to Frustrate Attackers, which you can view below. […]

The post Active Directory Best Practices to Frustrate Attackers: Webcast & Write-up appeared first on Black Hills Information Security, Inc..

Joff Thyer & Derek Banks // Editor’s Note: This is a more in-depth write-up based on the webcast which can be watched here. As penetration testers, we often find ourselves […]

The post How To Do Endpoint Monitoring on a Shoestring Budget – Webcast Write-Up appeared first on Black Hills Information Security, Inc..