How much time are you spending manually parsing and sorting event logs? With EvtxECmd, digital forensics professionals can optimize Windows event log analysis through its unique mapping feature. Created by Eric Zimmerman, EvtxECmd can be called via the EZParser module in KAPE (another tool created by Eric Zimmerman) to process thousands of events in seconds and create structured CSV files that are much easier to read and manipulate.
In this session, Kroll’s Andrew Rathbun will demonstrate how to run EvtxECmd through KAPE to expedite event log analysis and how to create your own custom maps.
Watch the on-demand Webcast Now.
Key Takeaways
Tools used in this session:
Speaker: Andrew Rathbun, Senior Associate, Cyber Risk, Kroll
Incident response, digital forensics, breach notification, managed detection services, penetration testing, cyber assessments and advisory.
Find, collect and process forensically useful artifacts in minutes.
Stop cyberattacks. Kroll Responder managed detection and response is fueled by seasoned IR experts and frontline threat intelligence to deliver unrivaled response.
Kroll is the largest global IR provider with experienced responders who can handle the entire security incident lifecycle.
Validate your cyber defenses against real-world threats. Kroll’s world-class penetration testing services bring together front-line threat intelligence, thousands of hours of cyber security assessments completed each year and a team of certified cyber experts — the foundation for our sophisticated and scalable approach.
Kroll’s ransomware preparedness assessment helps your organization avoid ransomware attacks by examining 14 crucial security areas and attack vectors.