Hope you all enjoyed today's session - I love seeing this end of the chain; as Ben said on the EMEA session, this is the 'fun' bit where everything we've learnt so far comes together!
Here's links to a few resources that we mentioned today:
And here's a link to an article comparing SIEM to MTR - building on what Kris spoke to in our session this afternoon. https://partnernews.sophos.com/en-us/2020/02/products/mtr-or-siem/
Anything else you need, let us know in the comments below!
Just to notice that the original PowerShell Empire hasn't been supported since 2019 so maybe share the link to the forked version by BC Security?