Why cyberattacks are so difficult to trace back? They are usually carried out by smart hackers who finish the raid without a noticeable trace. Sometimes they get caught, but most of the time they still run free. So what to do when the bad guys are trying to access our corporate data? During this super intense session, the audience will learn how to establish informative monitoring that can alarm you if something goes wrong in your environment. They will be brought to the advanced level of monitoring the Windows operating system so that next time something happens in their infrastructure, they will be able to collect data traces correctly. We will review the signs and symptoms of your systems being attacked and demonstrate ways of detecting intrusion patterns. During the presentation, Paula will demonstrate the most up-to-date attacks, corresponding with techniques of discovery. It is going to be a super engaging session that showcases the best practices for information extraction. Participants will receive ready-to-launch instructions about how to extract information from various places in the operating system and monitoring solutions. After this session, they will be able to evaluate their infrastructure for exploitable vulnerabilities and find out how to recover the evidence attackers leave behind. Extremely technical session!