2 Hours

Threat Hunting for Windows Persistence Artefacts

There are many ways for a threat actor to maintain persistence in Windows systems. We'll take a look at some common persistence mechanisms, where to look and what can be done to detect them.

Detect the most common persistence mechanisms.

We'll talk through each persistence mechanism, its purpose and legitimate usage, and then how it is abused by threat actors. The mechanisms covered include:

  • Scheduled Tasks
  • Registry Run Keys / Startup Folder
  • Startup Items
  • Windows Services