Working as a SOC Analyst for the summer, I've stumbled across a plethora of instances in which my coworkers and I would have benefited from a history of previous file and folder modifications. These instances vary per client, however mostly center around files and folders that are seen in our logs but are no longer … Continue reading Auditing File & Folder Access on Windows with Local Security Policy
Burnham Forensics 