Windows Management Instrumentation (WMI) - defending against adversaries | Red Canary

Windows Management Instrumentation (WMI) consistently ranks in our top 20 threats each year. In 2020, we saw more than 700 confirmed threats leveraging WMI. As a staple of many ransomware threats and trojans, WMI has been used in attack toolkits like Empire, Metasploit, Cobalt Strike. Red Canary’s Director of Threat Research Matt Graeber and Director of Incident Handling Greg Bailey help you understand what WMI is, common ways adversaries leverage WMI, how to improve your visibility, and more.

ON DEMAND: Hear from Red Canary, MITRE, and Microsoft during our two-part, live event and detection challenge to uncover tactical strategies for observing and detecting WMI in your environment. https://bit.ly/2WD2doR

Red Canary is a security ally enabling every organization to make its greatest impact without fear of cyber attack. The company provides outcome-focused solutions for security operations teams, who rely on Red Canary to detect threats on their endpoint, network, and cloud environments. With Red Canary, security teams can make a measurable improvement to security operations within minutes. Learn more, visit RedCanary.com.

Follow Red Canary on Twitter:   / redcanary  
+Follow Red Canary on LinkedIn:   / redcanary  
Subscribe to our YouTube channel:    / redcanary  
#wmi | #windowsmanagementinstrumentation | #microsoft