Windows AMSI Bypass — The turning point for an Endpoint Analytics eval
7 min read · Jul 14, 2023
This is a short article highlighting the benefits of rich log telemetry when coupled with advanced Endpoint Analytics content.
The exercise presented here is based on an out-of-band “Attack Lab” built by one of my colleagues in a project focused on the Detection Validation process.