Threat hunting
Section Contents
- LetsDefend: Splunking Endpoint
  Using SPL (Search Processing Language) to find lateral movement.
- LetsDefend: Threat Hunting with Sysmon
  Proactive threat hunting using Sysmon logs. Detecting 'Living off the Land' binaries and mapping exploits using Sysmon Event IDs 1, 3, and 11.