I’ll be presenting “TWC: Sysinternals Primer: TechEd 2014 Edition” in Houston, Tuesday, May 13, 2014, 5:00pm-6:15pm US Central Time. Lots of cool stuff, including the “App Install Recorder” (I will post the scripts on this blog); great new features that Mark Russinovich has added to AccessChk, SigCheck, Process Explorer, and how you can use them proactively to find hidden security issues; and more.
[Update 5 September 2014: the App Install Recorder scripts I demoed needed a major revamp but they’ve been posted.]
At the same conference, Mark will also present “TWC: Malware Hunting with Mark Russinovich and the Sysinternals Tools” and his ever-popular “Case of the Unexplained: Troubleshooting with Mark Russinovich”.
I also highly recommend the session Mark is co-presenting with Nathan Ide, “TWC: Pass-the-Hash: How Attackers Spread and How to Stop Them.” They’ll show how PTH works and demo the powerful new mitigations that were added to Windows 8.1 and Windows Server 2012 R2.
(The Trustworthy Computing track is branding all its sessions with “TWC:” in the session titles.)
I hope to see you there!