Forensic Friday – Windows 10 Sandbox and Virtualization Analysis
Windows 10 Sandbox and Virtualization Analysis
With the release of Windows 10 1903 came a new set of features to allow the system administrator to use Linux to administer the system, virtualize the Edge browser and Sandbox a Windows environment. In this session we will explore the legitimate uses of these features and examination techniques to identify user interaction and exploring the artifacts these processes leave on the host system. Attendees will learn of the challenges in identifying nefarious activities conducted through these processes when a user is exploiting these features to conceal their actions.