Tool
BSides talks featuring Event Viewer
46 talks mention this tool across 31 BSides chapters.
Talks featuring Event Viewer
44:35
Anti-forensics Techniques Used By Threat Actors In The Wild
Hela Lucas
BSides London
· 2024
Technical
DFIR
Malware Analysis
Blue
Case Studies and Incidents Analysis
Talk
2024-02
27:13
BSides Iowa 2018: "Threat Hunting Windows Event Logs w/ Powershell"
BSides Iowa
2018-04
47:22
BSidesCharm 2023 - Detecting and Triaging Modern Windows Rootkits - Andrew Case
BSides Charm
2023-05
50:58
It, Do it Live (PowerShell Digital Forensics)
Jared Atkinson
BSides DC
· 2015
Technical
Blue
Demo
Talk
2015-11
45:11
Boston BSides - Ryan Nolette - Protect Against CryptoLocker Ransomware
BSides Boston
2016-07
46:18
Log All The Things! Proactive Forensics using Log Analysis
Aaron Beuhring
Kyle Salous
BSides DC
· 2015
Technical
Talk
2015-11
51:42
Modern Memory Forensics with Volatility 3
Andrew Case
BSides Seattle
Technical
Talk
2024-10
30:06
Windows Event Forwarding and OSSEC — You can do this!
Robert Wilson
BSides Augusta
· 2018
Technical
DevSecOps
Blue
Talk
2018-11
50:50
Push comes to shove: exploring SCCM attack paths - Brandon Colley
Brandon Colley
BSides KC
· 2022
Technical
Active Directory
Red
Demo
Talk
2022-10
43:12
Tracking Malicious Logon: Visualize and Analyze Active Directory Event Logs
Shusei Tomonaga
Tomoaki Tani
BSides Las Vegas
· 2018
Technical
Active Directory
DFIR
Threat Intel
Blue
Talk
2018-09
32:47
Domain Persistence in Active Directory: Detection, Triage, and Recovery
Nicolas Shyne
BSides Belfast
· 2025
Technical
Active Directory
Kerberos
Blue
Talk
2025-02
55:44
Fernando Tomlinson - Gaining 20/20 vision during an incident with PowerShell
Fernando Tomlinson
BSides Augusta
· 2019
Technical
DFIR
Detection Engineering
Malware Analysis
Blue
Talk
2019-10
57:04
Network Segmentation without a Network Engineer
Mike Burns
BSides Charm
· 2024
Technical
Active Directory
Detection Engineering
Network Security
Talk
2024-06
27:06
Automating security with PowerShell
Jaap Brasser
BSides Amsterdam
· 2017
Technical
Blue
Red
Demo
Talk
2017-09
47:46
BSidesSLC 2016 -- Preparing 4 PowerShellmageddon -- Chad Tilbury
BSides SLC
2016-05
50:12
Protect Your Most Sensitive Users With the Protected Users Group
Jake Hildreth
BSides Charm
· 2024
Technical
Active Directory
Kerberos
Blue
Talk
2024-06
42:15
BSidesAugusta 2014 Tim Crothers - Techniques for Fast Windows Investigations
BSides Augusta
2014-09
34:13
From Panic To Protocol: Digital Forensics & Incident Response
Rory Wagner
BSides Leeds
Technical
DFIR
Intro
Blue
Talk
2024-08
20:27
Georgios Karantzas - It's Duck Season: Forensic Detection of BadUsb Attacks
Georgios Karantzas
BSides TLV
· 2023
Technical
DFIR
Detection Engineering
Hardware Hacking
Talk
2023-07
44:59
Tony Lambert - Spotting Lateral Movement with Endpoint Data
Tony Lambert
BSides Augusta
· 2019
Technical
Talk
2019-10
40:37
How EDRs See Everything (Until They Don't)
Jacob Kalat
BSides CT
· 2025
Technical
Detection Engineering
Reverse Engineering
Technical Deep-dives
Talk
2025-12
45:51
Digital Forensics – The Importance of Forensic Triage Images by Ryan Irving
Ryan Irving
BSides Tampa
Technical
Talk
2024-05
48:51
PowerShell pew pew pew: Skillz 4 blue team
Ashley McGlone
BSides Columbus
· 2020
Technical
Detection Engineering
Blue
Talk
2020-08
20:21
BSidesMCR 2019: Malicious Behavior Detection Using WMI - Ben Lister
BSides Manchester
2019-09
53:48
Having your pick of the litter: Storing Malware Stagers in Enterprise Services
Fernando Tomlinson
BSides Charleston
· 2019
Technical
Talk
2019-11
49:35
BSidesROC 2025 - Investigating a Malicious Script in Microsoft Intune - Dennis Labossiere
BSidesROC
2025-03
32:09
BSides DC 2019 - Digital Canaries in Coal Mines: Detecting Adversarial Enumeration with DNS & AD
Stephan Borosh
BSides DC
· 2019
Technical
Active Directory
Talk
2019-10
51:15
Microsoft Quick Assist
Tyler Hudak
BSidesROC
· 2025
Technical
Talk
2025-03
44:25
Domain Persistence- Detection, Triage, and Recovery - Joshua Prager
Joshua Prager
BSides SATX
· 2024
Technical
Active Directory
Blue
Red
Talk
2024-06
49:26
Sysmon or it Didn't Happen
Gerard Johansen
BSides Charm
· 2024
Technical
DFIR
Detection Engineering
Blue
Talk
2024-06
41:12
Detecting Ghouls & Ghosts in the Wires
Michael Edie
BSides Augusta
Technical
Blue
Demo
Talk
2023-10
34:50
AMSI: O cão de guarda que late mas não morde?
Mario Lobo Romero
BSides São Paulo
· 2025
Technical
Detection Engineering
Malware Analysis
Technical Deep-dives
Talk
2025-06
29:36
Pi$$ing Off An APT - Ed Williams
Ed Williams
BSides Bristol
· 2019
Talk
2019-07
45:00
Intelligence Driven Incident Response
Vito Alfano
Artem Artemov
BSides Zagreb
· 2024
Technical
DFIR
Threat Intel
Threat Modeling
Case Studies and Incidents Analysis
Talk
2025-03
26:56
BSidesSLC 2015 -- What To Do When "Something Bad" Has Happened -- Jason Wood
BSides SLC
2015-04
52:37
Building the Panopticon: Centralized Logging and Alerting With Free Tools
Matthew Gracie
BSidesROC
· 2018
Technical
Blue
Talk
2018-04
21:37
Threat Actors Do the Funniest Things - Peter Mackenzie
Peter Mackenzie
BSides Bournemouth
· 2025
War Stories
DFIR
Malware Analysis
Intro
Blue
Talk
2025-09
49:15
Doesn't It make You WannaCry: Mitigating Ransomware on a Windows Network
David Branscome
BSides Charleston
· 2018
Technical
Malware Analysis
Network Security
Supply Chain Security
Blue
Demo
Talk
2018-11
48:07
Can You Hear Me Now? Good — Because Volt Typhoon Can, Too
David Branscome
BSides Augusta
· 2025
Technical
Active Directory
Detection Engineering
Threat Intel
Case Studies and Incidents Analysis
Talk
2025-10
47:03
Have Your Pick of the Litter
Fernando Tomlinson
BSides Charlotte
· 2019
2019-11
1:00:30
Stolen Laptops: Modern Physical Access Attacks with DMA and Firmware Exploitation
Pierre Nicolas Allard Coutu
BSides Vancouver Island
· 2025
Technical
Hardware Hacking
Physical Security
Reverse Engineering
Advanced
Blue
Red
Technical Deep-dives
2026-03
49:39
Supercharge Your SOC with Sysmon
Chris Lee
Matthew Giannetto
BSides Philly
· 2018
Technical
DFIR
Detection Engineering
Malware Analysis
Blue
Talk
2018-11
47:33
Network Survival WCS
James Costello
BSides Las Vegas
· 2013
Technical
Active Directory
Network Security
Talk
2017-01
46:23
Getting started...help me help you
David Trollman
BSidesSF
· 2015
Talk
2023-12
48:44
You Need a PROcess to Check Your Running Processes and Modules
Michael Goff
BSides Newcastle
· 2020
Technical
DFIR
Malware Analysis
Blue
Technical Deep-dives
Talk
2020-11
46:37
Malware Persistence in Windows
Peter Morin
BSides Calgary
· 2022
Technical
Malware Analysis
Talk
2022-12