Loading user information from Channel 9

Something went wrong getting user information from Channel 9

Latest Achievement:

Loading user information from MSDN

Something went wrong getting user information from MSDN

Visual Studio Achievements

Latest Achievement:

Loading Visual Studio Achievements

Something went wrong getting the Visual Studio Achievements

TWC: CSI: Windows - Techniques for Finding the Cause of the Unexpected System Takeovers

1 hour, 15 minutes, 34 seconds


Right click “Save as…”

Slides (view online)

OK, so an attacker got into your infrastructure, used server’s misconfiguration, created themselves an account and… Exactly! And what? Or maybe you would like to know where to gather information about activities in an operating system. In both cases, this session is for you! This is the moment that we wonder what else could happen beyond what we can see, and if it is possible to trace hacker’s activities in our systems. Yes it is! By performing several analyses we are able to get enough evidence of performed malicious actions. This type of monitoring can be also useful when performing the regular investigation of what happened in the system, not only from the attacker’s perspective. Come and see what it means to be hacked and that nothing can be completely hidden! During this session you will become familiar with tracing system related situations and how to establish informative monitoring that can alarm you if something goes wrong in your environment. This session is a real deep-dive into the monitoring world so be prepared for a hard-core technical ride!

Follow the discussion

  • Oops, something didn't work.

    Getting subscription
    Subscribe to this conversation
  • This was a great session. It was really good to have an environment where we could walk through this sort of information and discuss it openly for the purposes of securing our environments.

    When should we expect the recording of the session to be available? There was a lot of valuable information from the actual session itself.

  • This is the first session from Paula, why it is not available yet while the others already there?

  • johanjohan

    Hope to see thissessioon online in thenext few days. Please guys.

  • Was it recorded or not?

  • was this session not recorded :(  This was the one that I had planned to have my colleagues watch.  Can someone confirm if this was recorded or not please?

  • Hi! It was recorded - it was going through the editing process, I was also concerned about that! But all is good right now and video should be available soon :) I have the confirmation from the TechEd Team so let's keep fingers crossed!

  • DavidLDavidL

    Thanks Paula,
    What is to edit ?
    Unless you revealed something somone didn't want showed ? ;)

Remove this comment

Remove this thread


Comments closed

Comments have been closed since this content was published more than 30 days ago, but if you'd like to continue the conversation, please create a new thread in our Forums, or Contact Us and let us know.