Defend Your Time
The podcast where we help you get stronger security, more value, and fewer headaches out of your Microsoft security investments.
Defend Your Time
The Best Open-Source Tools for DFIR
•
Non-Stop SecOps
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
SOC Analyst Andrew Tranter shares a few of his favorite open-source tools that - when combined with Windows event logs - can uplevel your DFIR efforts. Andrew covers specific use cases as well as how to get started with Hayabusa (Yamato-Security), Chainsaw (WithSecureLabs), and Timeline Explorer (Eric Zimmerman).