# 🛡️ Endpoint Security Monitoring

## 📖 What is Endpoint Security Monitoring?
Endpoint Security Monitoring is the continuous observation of endpoints such as workstations, servers, and other devices for malicious activity, unauthorized access, or policy violations.
It combines log analysis, behavioral monitoring, and dedicated security tooling to detect and respond to threats at the endpoint level, where most intrusions first become visible.
## 📌 Modules Completed
- Intro to Endpoint Security
- Core Windows Processes
- Sysinternals
- Windows Event Logs
- Sysmon
- Osquery: The Basics
- Wazuh
- Monday Monitor
- Retracted
## 🎯 Skills Gained
- Analyzing core Windows processes to identify malicious behavior
- Using Sysinternals to inspect running processes, services, and network activity
- Monitoring and investigating events through Windows Event Logs and Sysmon
- Querying endpoint artifacts using Osquery
- Collecting and analyzing endpoint logs with Wazuh for intrusion detection
- Establishing endpoint monitoring workflows and generating actionable alerts
## 📑 Case Studies

- Sysinternals for Threat Hunting: leveraged Sysinternals tools to analyze running processes, network connections, and persistence techniques. (Read Full Case Study →)
- Sysmon Event Analysis: built detections and investigated suspicious behavior using Sysmon logs. (Read Full Case Study →)
- Endpoint Detection with Wazuh: used Wazuh to collect and analyze endpoint logs for intrusion detection and monitoring. (Read Full Case Study →)
## ✅ Lessons Learned
- Continuous monitoring of endpoints is crucial for early detection of threats, before an intruder can move laterally or establish persistence.
- Sysinternals provides deep visibility into processes, registry activity, and network connections on a single host.
- Sysmon logs capture process creation, network connections, and file and registry changes, which allows targeted detection rules to be written for specific suspicious behavior.
- Osquery enables efficient querying of endpoint artifacts across multiple systems using SQL.
- Wazuh integrates log collection, alerting, and detection rules to improve overall endpoint security posture.
- Combining multiple tools increases detection accuracy, reduces blind spots, and supports incident response workflows.
## 🔗 Navigation
- Back to Portfolio Home