When Logging Everything Becomes an Issue

Edward Ruprecht
Oct 25 · 1 min read

Today I had the great opportunity of presenting at The Wild West Hackin’ Fest conference presenting on the potential dangers of logging everything. The talk is based off of my previous post “Log Everything Right?” which highlighted risks of logging everything.

In the talk I also discussed options to identify Passwords stored in Sysmon and PowerShell logs using a KANSA IR Module looking for common processes that may contain passwords in the command line.

You can find the slides from my talk — https://docs.google.com/presentation/d/12rMlIRE3136TlRnbhs65V-rqZTo_u-T7raEwUu2P2L4/edit?usp=sharing

Resources discussed at the end of the talk:

Edward Ruprecht

Written by

Security Researcher— Network Defender. http://twitter.com/e__rupert

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade