Aurora EDR

To access material, start machines and answer questions login.

Introduction

This room will introduce you to EDRs and Aurora, a Sigma-based tool for writing detection alerts via Windows Event logs.

Learning Objectives

The objectives of this room are:

Introduce EDRs and their functionalities.
Introduce Event Tracing for Windows.
Learn about Aurora and its functionalities to write alerts using event logs.
Investigate suspicious events detected by Aurora.

Prerequisites

It is advisable to check out the following module and rooms before embarking on this room.

Cyber Defense Module
Windows Event Logs
Intro to Detection Engineering
Sigma Room

Answer the questions below

Ready for the room.

Ready to learn Cyber Security?

The Aurora EDR room is only available for premium users. Signup now to access more than 500 free rooms and learn cyber security through a fun, interactive learning environment.

Already have an account? Log in

Aurora EDR

Task 1Introduction

Introduction

Learning Objectives

Prerequisites

Task 2EDR DefinitionPremium

Task 3Event Tracing for WindowsPremium

Task 4AuroraPremium

Task 5Aurora Function TestsPremium

Task 6Aurora Detection GapsPremium

Task 7Interactive ScenarioPremium

Task 8ConclusionPremium

Ready to learn Cyber Security?