LAB: Windows services anomaly detection script
New post out over at https://guppysecurity.com/windows-services-anomaly-detection-script/
In this post you will learn that there exist something called services in Windows and a little on how they work. Services also are commonly used by attackers for gaining persistence and that is why you as a security practioner need to find anomalies in your services.
This can be done with the Python script outlied in the LAB below: