How to Use KAPE and SQLECmd with EventTranscript.db

September 21, 2021 Webcast


EventTranscript.db, a recently discovered Windows 10+ artifact, can track and maintain a wealth of artifacts and data elements. Kroll’s Andrew Rathbun and Josh Mitchell found that Kroll Artifact Parser and Extractor (KAPE), leveraging the EventTranscriptDB Target and SQLECmd Module, will collect the database from any Windows 10+ system if the database is enabled and parse it accordingly.

Join Andrew and Josh for a 30-minute webcast as they walk through the benefits of using the EventTranscriptDB Target in KAPE, parsing EventTranscript.db with the !EZParser or SQLECmd Modules, and how to set up the EventTranscriptDB SQLECmd Map within your local instance of KAPE.

Schedule: 1:00 p.m. – 1:30 p.m. (EST)

Key Takeaways

  • Overview of the DiagTrack service
  • Ways control mechanisms can impact logging
  • Data sampling and how to identify its presence
  • EventTranscript.db in everyday analysis
  • How EventTranscript.db can be the only location of certain information
  • Investigative workflow using the applicable KAPE Target and Module
 

Tools Used in This Session

 

Speakers
