Tracking User Behavior using the Windows Registry

Watch this webinar and learn how to use the Windows Registry to track file changes on remote devices and improve your corporate network security.

Tracking User Behavior using the Windows Registry

The Windows Registry has been around forever, and is sometimes looked at as a HIVE of random chaos. However, even after all these years there is a lot of great information that can be pulled from the registry. This presentation is going to show investigators some key artifacts when working with the Registry (and other system files). Specifically we will show file change activity allowing you to determine when files were edited or moved.

Join and learn:

  • Why should we still care about the Registry?
  • Why you should have remote collection abilities within your corporate network.
  • Can you collect from your company assets not connected to the company VPN?
  • Show the workflow of working with remote collection and the registry to monitor file change on an asset of interest.

View On-Demand Webcast