2 Hours
Threat Hunting for Windows Persistence Artefacts
There are many ways for a threat actor to maintain persistence in Windows systems. We'll take a look at some common persistence mechanisms, where to look and what can be done to detect them.
Company
This is some text inside of a div block.
Category
This is some text inside of a div block.
Date
This is some text inside of a div block.
Website
Visit website
Detect the most common persistence mechanisms.
There are many ways for a threat actor to maintain persistence in windows systems, we'll take a look at some common persistence mechanisms, where to look and what can be done to detect them.
We'll talk through each persistence mechanism, their purpose and legitimate usage and then how they are abused by threat actors. Such as:
- Scheduled Tasks
- Registry Run Keys/ Start up folder
- Start Up Items
- Windows Services
Register your interest in MISP Kickstart training from Cosive.
Leave your details with us and we'll let you know about upcoming MISP training workshops in your timezone.
Thank you! We've received your details and will be in touch with future updates.
Oops! Something went wrong while submitting the form.
Register your interest in MISP Kickstart training from Cosive.
Leave your details with us and we'll let you know about upcoming MISP training workshops in your timezone.
Thank you! We've received your details and will be in touch with future updates.
Oops! Something went wrong while submitting the form.