Using Windows Event Log IDs for Threat Hunting - FourCore.

Jun 06, 2022.

Choose: Select a necessary technique depending upon the latest threat intelligence or something essential in your organization.

Collect: Collect all the necessary data on the technique, such as log sources, event IDs, descriptions, etc.

Generate: Generate logs for that event using tools or by manually performing the action. Ensure that the records are being ingested.

https://fourcore.io/blogs/threat-hunting-with-windows-event-log-sigma-rules