This site uses cookies to improve your experience. By viewing our content, you are accepting the use of cookies. To help us insure we adhere to various privacy regulations, please select your country/region of residence. If you do not select a country we will assume you are from the United States. View our privacy policy and terms of use.

Remove 2022 Remove Blog Remove Data preservation Remove Engineering
article thumbnail

Reverse, Reveal, Recover: Windows Defender Quarantine Forensics

Fox IT

DECEMBER 13, 2023

Reverse engineering mpengine.dll resulted in finding previously undocumented metadata in the Windows Defender quarantine folder that can be used for digital forensics and incident response. Rather than just presenting our results, we’ve structured this blog to also describe the process to how we got there.

Encryption 128
Encryption Antivirus Engineering Data preservation 128
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 

Stay Connected

Join 28,000+ Insiders by signing up for our newsletter

About
About
Editions
Editions
Topics
Powered by Aggregage | Terms and Conditions | Your California Rights and Privacy Policy
© Aggregage 2024