Category Archives: Windows OS

Credential Access and lateral movement: What can attackers do with the stolen credentials?

Today I would like to cover two well-known tactics: Credential Access and Lateral Movement. Both consist of techniques that attackers have been using in the wild, such as Credential Dumping and Pass the Hash. Although these techniques are relatively old, they are still very relevant today. Having a good understanding on


Why are Windows Defender AV logs so important and how to monitor them with Azure Sentinel?

Today we are going to talk about our good old friend, better known as Windows Defender AV. Not to be confused with the EDR solution called "Defender for Endpoint": Windows Defender is the traditional out-of-the-box antivirus on a Windows machine. In this blog post, we are going to explain why it is relevant to keep an

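As an added example (not code from the original post), the PowerShell below shows the kind of Defender AV events the post's title refers to and why they are worth forwarding to a SIEM. It assumes the standard operational log name `Microsoft-Windows-Windows Defender/Operational` and the well-known Defender event IDs 1116, 1117, 5001, 5007, 5010 and 5012; the "Priority" mapping and the `Get-DefenderAlert` function name are this example's own choices. The sample events at the bottom are constructed so the filter can be exercised on any machine; on a Windows host the last section reads the live log.

```powershell
# Added example, not from the original post. Assumes the standard Defender
# operational log name and well-known Defender event IDs; the Priority
# mapping below is this example's own assumption, not a Microsoft definition.
$DefenderLog = 'Microsoft-Windows-Windows Defender/Operational'

# Event IDs worth alerting on: 1116/1117 are detection and remediation,
# 5001/5010/5012 mean a protection component was switched off (classic
# attacker tampering), 5007 is any configuration change.
$WatchedIds = @{
    1116 = 'Malware detected'
    1117 = 'Remediation action taken'
    5001 = 'Real-time protection disabled'
    5007 = 'Defender configuration changed'
    5010 = 'Malware scanning disabled'
    5012 = 'Virus scanning disabled'
}

function Get-DefenderAlert {
    # Accepts anything with Id, TimeCreated, MachineName and Message
    # (Get-WinEvent output or the constructed sample objects below).
    param(
        [Parameter(ValueFromPipeline)] $Event
    )
    process {
        $id = [int]$Event.Id
        if ($WatchedIds.ContainsKey($id)) {
            [pscustomobject]@{
                Time     = $Event.TimeCreated
                Host     = $Event.MachineName
                Id       = $id
                Category = $WatchedIds[$id]
                # Tampering with protection (5xxx) is more interesting than a
                # detection that Defender already blocked.
                Priority = if ($id -ge 5000) { 'High' } else { 'Medium' }
                Message  = ($Event.Message -split "`n")[0]
            }
        }
    }
}

# Constructed sample events (not real log data) so the filter runs anywhere.
$sample = @(
    [pscustomobject]@{ Id = 1116; TimeCreated = Get-Date; MachineName = 'WS01'
                       Message = 'Microsoft Defender Antivirus has detected malware or other potentially unwanted software.' }
    [pscustomobject]@{ Id = 5001; TimeCreated = Get-Date; MachineName = 'WS01'
                       Message = 'Microsoft Defender Antivirus Real-time Protection scanning for malware and other potentially unwanted software was disabled.' }
    [pscustomobject]@{ Id = 1000; TimeCreated = Get-Date; MachineName = 'WS01'
                       Message = 'Microsoft Defender Antivirus scan has started.' }
)
# Only the 1116 and 5001 events pass the filter; 1000 (scan started) is noise.
$sample | Get-DefenderAlert | Format-Table -AutoSize

# On a Windows host, read the last 24 hours from the live log instead.
if ($IsWindows -or $env:OS -eq 'Windows_NT') {
    Get-WinEvent -FilterHashtable @{
        LogName   = $DefenderLog
        Id        = @($WatchedIds.Keys)
        StartTime = (Get-Date).AddDays(-1)
    } -ErrorAction SilentlyContinue |
        Get-DefenderAlert |
        Sort-Object Priority, Time -Descending |
        Format-Table -AutoSize
}
```

The same ID list is what you would filter on in Azure Sentinel once the Defender operational log is being collected: the events land in the `Event` table with `Source` set to `Microsoft-Windows-Windows Defender`, so a KQL rule that selects those `EventID` values gives you the detections and, more importantly, the "protection disabled" events that often precede credential dumping.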