
Windows Log Analysis – SIEMless Threat Hunting

It is commonly considered that threat hunting is a more advanced skill utilized only by companies with more mature cybersecurity programs. To a certain extent, that is accurate. SMBs may have some simple firewalls in place, EDR on their systems, decent password policies and 2-Factor authentication, and that’s it! But every organization of every size and every vertical can benefit from looking for clues of attacks that may have already happened, and you just don’t know it! And you can start simply by doing a little bit of Windows Log Analysis.

Yes… we can learn the basics of threat hunting while simultaneously shoring up the defenses of any group, team or organization using simple tools built into Windows and an amazing open source tool called Chainsaw. And don’t worry. We provide not only the logs containing clues of incidents but also a Windows Virtual Machine hosted in the cloud for you to play and learn in a safe environment.

Price = $45 (25% off $60) w/ Code CYBER25

What do I get?

Students get their own web-based Windows VM to get hands-on experience with the tools and techniques taught in the course. You will also be provided with numerous log samples to investigate. Step-by-step instructions are provided, so you’re never lost!

Windows Log Analysis covers:

This course teaches you the basics of threat hunting without having to spend untold amounts of money, buy loads of hardware and software, or have a mature enterprise in place with your own SOC, SIEM and Incident Response team before Threat Hunting finally comes along! Not even sure what any of those are? Don’t worry. In the next Lesson, we’ll start by defining each of them in the order in which a typical mature org might implement them. The reason behind this is to show you that there ARE ways to skip a few of those steps and do some rudimentary threat hunting without the extensive security infrastructure that is normally in place beforehand. And your small group will be all the better for it!

0️⃣ Course Introduction
1️⃣ SIEMless Threat Hunting
2️⃣ Initial Access Payloads (5 Example Cases and 4 Labs)
3️⃣ Anomaly Detection (3 Example Cases and 2 Labs)
4️⃣ Wrap Up

Prerequisites for Windows Log Analysis

No prior knowledge is assumed, although basic familiarity with Windows Admin Tools, the command line and virtual machines (VMs) is recommended.

