Incident Response (IR) tools and techniques

Identifying the appropriate tool to protect your network can be difficult. To help, we have collated details on various open source or freely available tools and techniques that can be used to defend corporate networks.

The presentation covers topics including the AutoRun Logger and SysMon Logger systems, AppLocker, EMET, PowerShell, osquery, PassiveDNS, memory forensics and canary tokens.

Download presentation