This is the first in a series of blog posts relating to driver development on Windows systems. The project started as an attempt to understand drivers and low-level system programming by developing a driver to exercise a wide range of functionality. The initial stages of the project were difficult and frustrating, as driver deployment and testing for Windows has recently been tied in with Visual Studio and is largely automated. When this automation fails, documentation is sparse. This initial blog post will address some of the issues that may arise, and suggest solutions to these problems.

In addition to providing an interesting area of research, drivers have a number of uses directly relating to security. Areas in which the use of drivers has proven beneficial include:

NCCGroup Windows Activity Logger

NCCGroup Windows Activity Logger is a product developed to allow low-level monitoring of activity taking place across sensitive systems. Information such as process creation, registry key information, and network connections is gathered, to allow monitoring for malware and malicious activity.

Anti-Corruption and Employee Misuse Detection

Drivers can be used to help mitigate employee misuse and as an anti-corruption mechanism. If monitoring activities take place at a low level, as in this case, then it is harder for malware or an intruder to detect and remove the tool or otherwise interfere with it.