Cybersecurity Tip: Best Windows Event ID To Find Malware
- Published: 30 Jul 2024
- Discover the power of one specific Windows Event ID in identifying potential malicious activity. Learn to spot suspicious activities, recognize malware indicators, and leverage this event for effective detection. Strengthen your defenses and stay ahead of threats.
Windows Event ID Reference: www.ultimatewindowssecurity.c...
_________________________________
🕒 TIMELINE
00:00 - Intro
00:26 - What are Event IDs?
00:55 - How to avoid confusion
01:15 - Best Windows Event ID
01:40 - Introduction to Best Windows Event ID
02:58 - Demo
10:05 - Resource for more information on Event IDs
We just covered this last night in my Cybersecurity course. Thank you for the additional explanation regarding event ID.
Awesome! Hopefully you are learning lots from the course 😃
Do you mind sharing the course that you are taking?
Always on point
Excellent 😁
thank you, my friend. Good to know this.
Anytime! Event IDs are something easy to get overwhelmed by. But fear not, Google is your friend when you need more info on Event IDs 😜
Great information, thanks.
Glad it was helpful!
I appreciate your channel so much, Thank you
You are so welcome!
very informative👍
Thanks! Hopefully learned something new 😀
Perfection level🎉🎉🎉
Thanks for watching ❤️
You mentioned that in the future you will show us a tool which is better for these logs. Which tool will that be?
This Thursday I'll be showing you one tool we can use to view these event logs. But another tool I like to use is called Event Log Explorer.
@MyDFIR thanks 🙏 great news
Kool👍
Thanks for watching!
Great Job
how to filter log eventid:4625 with logon type=3
You can filter using PowerShell or push the logs over to Splunk
5061 pls no
Whew. It was just some system integrity audit failure oh well
LOL 4624 type 10 service account pls no