Defending against malware with robust and practical application whitelisting
Play Sysinternals Primer: TechEd 2013 Edition
Description
Join us for the fourth edition of the popular Sysinternals Primer series with Aaron Margosis, Mark Russinovich’s co-author of The Windows Sysinternals Administrator’s Reference. The Sysinternals utilities are vital tools for any computer professional on the Windows platform. Mark Russinovich's popular "Case Of The Unexplained" demonstrates some of their capabilities in advanced troubleshooting scenarios. This complementary tutorial series focuses primarily on the utilities themselves, deep-diving into as many features as time will allow. This year’s session describes everything that’s new and improved in the Sysinternals tool set since the book was published two years ago. It’s like an early draft of Sysinternals, Second Edition.
Download
Right click or Alt+Enter to download this episode
The Discussion
-
BradStreet This is always a great session and I go to it every year I go to TechEd. There is always something new, or something that I forgot or missed previously.
-
atc1 Will have to catch the plane so cannot attend this in person. Hope to view the recording of this session to learn more.
-
GoBucks Don't miss this one. It's always seemed to have been scheduled as last day, last session material but it is worth the time. -
PatrikWennberg A must go! Looking forward to this very much!
-
Wayne Cross Always packed so come early.
-
gtatelive I've missed this in the past so I'm making plans to line up early!
-
afsal006 Looking forward for this Primer.
-
cwilder One of the best sessions every year. Hoping to dig into some of the more obscure tools this year.
-
JeffGerard Please do not tell anyone else about this session. I would love to get a seat this time
-
reiter I'm hoping to make this session -- looks interesting!
-
techinct I'll be at this one... Another great sysinternals session.
-
iamsaltman Very much looking forward to this session as there always seems to be something new to learn. Love the tools.
-
MichaelSullivan Which tools will be covered first?
-
DKash I'm looking forward to this - haven't been to this session in a couple of years now.
-
Matt_PD I still miss good old FileMon
Yes, I know about Process Monitor, but it always takes that annoying extra moment to set it all up and exclude all the extraneous (to the case only needing FileMon) content.
Is there perhaps a way to have a feature in Process Monitor (a command line switch) to allow it to _immediately_ start-up in the FileMon-analogous mode straight away?
-
zico Check out Kenny Kerr's "SyncTools for Synsinternals" to always keep your Sysinternals tools up to date.
http://kennykerr.ca/2013/01/04/synctools-for-sysinternals/
Works great for me!
Conversation locked
This conversation has been locked by the site admins. No new comments can be made.
Event Homepage
TechEd North America 2013Related episodes
The Sysinternals tools make you better at your job
Explore Sysinternals primer – Ignite 2016 edition
Sysinternals Primer: Ignite 2105 Edition
Barbarians Inside the Gates: Protecting against Credential Theft and Pass the Hash Today
TWC: Sysinternals Primer: TechEd 2014 Edition
Pass the Hash and Other Credential Theft and Reuse: Preventing Lateral Movement and…
Sysinternals Primer: TechEd 2013 Edition
Windows Sysinternals Primer
Mark Russinovich and Aaron Margosis: Sysinternals, Stuxnet, AMA
