Search This Blog

Monday, August 1, 2016

LOG-MD Selected For Blackhat Arsenal Based On The 'Windows Logging Cheat Sheet'

https://www.blackhat.com/us-16/arsenal.html#log-md
Come on by Blackhat Arsenal Thursday and check out LOG-MD in action with the latest version on how to check, set, and harvest malwarious activity on Windows systems.


Michael Gough & Brian Boettcher
Palm Foyer, Level 3, Station 8
Thursday Aug 4th - 16:00 - 17:50
Based on the 'Windows Logging Cheat Sheet' LOG-MD audits a Windows system for compliance to the 'Windows Logging Cheat Sheet', CIS, US-GCB and AU-ACSC standards, and if it fails creates a nice report to help you know what to set and then guides you where to set the items needed to pass the audit check.  Once properly configured, LOG-MD then harvests security related log data to help you investigate a suspect system.
In addition LOG-MD can perform full file system hashing to create a baseline that can be used to compare against a suspect system.  LOG-MD can also baseline the registry and compare a suspect system registry to a known good baseline to find altered settings and even look for LARGE Reg keys where malware is hiding payloads.
Come by Blackhat Arsenal and check us out and maybe get a goody too ;-)