Tracking User Behavior using the Windows Registry

Watch this webinar and learn how to use the Windows Registry to track file changes on remote devices and improve your corporate network security.

Tracking User Behavior using the Windows Registry

The Windows Registry has been around forever, and is sometimes looked at as a HIVE of random chaos. However, even after all these years there is a lot of great information that can be pulled from the registry. This presentation is going to show investigators some key artifacts when working with the Registry (and other system files). Specifically we will show file change activity allowing you to determine when files were edited or moved.

Join and learn:

  • Why should we still care about the Registry?
  • Why you should have remote collection abilities within your corporate network.
  • Can you collect from your company assets not connected to the company VPN?
  • Show the workflow of working with remote collection and the registry to monitor file change on an asset of interest.

View On-Demand Webcast

Related Resources

Exterro hosted 2 16 23 wc blog 230x230

How to Ensure Departing Employees Don't Turn Into Insider Threats

Offboarding employees after they've resigned or been terminated is largely a routine process; they turn in their devices, which can then be imaged and archived. But are you routinely investigating their computer activity leading up their departure?

Download Now

Exterro 3 capabilities you need for remote investigations infographic thumbnail BLOG 230x230

3 Capabilities You Need for Remote Investigations

Learn the technology capabilities you need to conduct investigations in today's remote-first enterprise environment.

Download Now

The Basics of Digital Forensics Chapter 2 230x230

The Basics of Digital Forensics—The Forensic Investigation Process

Download the 2nd chapter of Exterro's Basics of Digital Forensics series to learn more about the digital forensic investigation process.

Download Now