All the Little Things

Windows Instrumentation and Events - from a practitioner's perspective

Detecting Password Filter changes

Part 3 of the Event type series will continue next week, with the ProjectSauron released I sped this...

Date: 08/09/2016

The Good, the bad, and the ugly: Part 2 - Legacy API

In the previous post I described the current, manifested event provider system that was introduced...

Date: 08/05/2016

The Good, the bad, and the ugly: A 3 part series about Windows Event Log schemas

One question that comes up frequently is a frustration with event schemas. Common statements I've...

Date: 05/27/2016