How to optimize Windows event logging to better investigate attacks

September 2, 2020, by Veille-cyber

After a compromise, the first thing investigators will do is review the log files. The default logging on Windows machines, however, does not capture enough information to identify forensic artifacts. You can adjust your logging settings to get enough information to investigate attacks.

Source: How to optimize Windows event logging to better investigate attacks