DFIR, Simple: Antivirus as Canary in a Coal Mine
Gregor Wegberg
(updated on: 25.01.2024)

When investigating successful ransomware attacks, the logs of the antivirus programs in use are among the artifacts that are collected and analyzed.

Often, they contain the first indications of the attackers' attempts to establish themselves in the IT environment, learn more about it and escalate existing privileges.
