MITRE ATT&CK Framework | DFIRHive

top of page

ChatGPT Image Sep 20, 2025, 11_07_51 AM.png

THE DFIR BLOG-Learn, Hunt, Investigate

Search

A digital illustration in cool blue tones visualizing cybersecurity and digital forensics — showing abstract data streams, system nodes, and network connections to represent Windows Threat Detection phases: discovery, collection, and ingress tool transfer.

A digital illustration in cool blue tones visualizing cybersecurity and digital forensics — showing abstract data streams, system nodes, and network connections to represent Windows Threat Detection phases: discovery, collection, and ingress tool transfer.

Windows Threat Detection: Discovery, Collection, and Ingress Tool Transfer

Attackers don’t stop after breaching a system — they start exploring, collecting, and arming themselves. This second part of Windows Threat Detection reveals how discovery, data collection, and tool transfer unfold through real-world cases and Windows telemetry.

DFIRHive

Oct 265 min read

bottom of page