Security News > 2018 > July > Is Windows ShimCache a threat hunting goldmine?

Enterprise-wide threat hunting sounds like a daunting task and for inexperienced forensic analysts it certainly can be. However, there are various techniques that can be used to provide the most bang for your buck and start producing results quickly. This article, will focus on how to leverage a computer’s Windows Application Compatibility Cache, a.k.a. ShimCache, and discuss the benefits in doing so, given the wealth of information that can be stored within such a small … More → The post Is Windows ShimCache a threat hunting goldmine? appeared first on Help Net Security.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/Kcu66p3bReI/