Understanding Telemetry: Kernel Callbacks
Malware Analysis, News and Indicators - Latest topics malware.news
Introduction
I’ve published blogs around telemetry mechanisms like Event Tracing for Windows (ETW) in the Uncovering Windows Events series, but one mechanism I haven’t discussed yet is kernel callback functions. This was mentioned in one of the DCP Live episodes that Jared Atkinson and I host on Mondays, so I figured a write-up would help listeners (or people in general) better understand what kernel callback functions are and how vendors leverage them to get insight into activity.
In my opinion, …