Through The EDR Lens
A link to the presentation given at SteelCon, 2023.
At SteelCon in July 2023, @__mez0__ gave a talk that looked at the telemetry EDRs can gain access to. This data was shaped into JSON to demonstrate how the enrichment process between telemetry sources can provide a clear picture of an application's behaviour.
The PDF export of the slides can be found below.