all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

ETW internals for security research and forensics

Add to bookmarks
Nov. 22, 2023, 1:10 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

By Yarden Shafir


Why has Event Tracing for Windows (ETW) become so pivotal for endpoint detection and response (EDR) solutions in Windows 10 and 11? The answer lies in the value of the intelligence it provides to security tools through secure ETW channels, which are now also a target for offensive researchers looking to bypass detections.


In this deep dive, we’re not just discussing ETW’s functionalities; we’re exploring how ETW works internally so you can conduct novel research or forensic …

detection detection and response edr endpoint endpoint detection endpoint detection and response event forensics intelligence lies offensive research researchers response security security research security tools solutions target tools tracing value windows windows 10

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

How to Incorporate SAST, DAST, and SCA into the SDLC 12 hours ago | malware.news
application application security application security testing application security testing tools +12
Nslookup's Debug Options, (Sun, May 5th) 13 hours ago | malware.news
debug dns machine may +4
Pay up, or else? – Week in security with Tony Anscombe 1 day, 1 hour ago | malware.news
attack caught dilemma hard +10
Sintesi riepilogativa delle campagne malevole nella settimana del 27 Aprile – 3 Maggio 2024 1 day, 4 hours ago | malware.news
cert con cui dei +2
Malware Simulators cannot test Antivirus Software 1 day, 15 hours ago | malware.news
malware analysis topic
Ready2Run - Is dnSpy dead? 1 day, 15 hours ago | malware.news
malware analysis topic
Security above all else—expanding Microsoft’s Secure Future Initiative 1 day, 18 hours ago | malware.news
cyberattacks cybersecurity future high +11
FBI warns of email spoofing by North Korean threat actor Kimsuky 1 day, 21 hours ago | malware.news
actor article dmarc domains +16
You get a passkey, you get a passkey, everyone should get a passkey 2 days, 1 hour ago | malware.news
accounts can consumer cracked +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Security Analyst

@ Northwestern Memorial Healthcare | Chicago, IL, United States
View on infosec-jobs.com

GRC Analyst

@ Richemont | Shelton, CT, US
View on infosec-jobs.com

Security Specialist

@ Peraton | Government Site, MD, United States
View on infosec-jobs.com

Information Assurance Security Specialist (IASS)

@ OBXtek Inc. | United States
View on infosec-jobs.com

Cyber Security Technology Analyst

@ Airbus | Bengaluru (Airbus)
View on infosec-jobs.com

Vice President, Cyber Operations Engineer

@ BlackRock | LO9-London - Drapers Gardens
View on infosec-jobs.com
View more jobs