Hi there まいど! 👋
About Yamato Security
Yamato Security is a security group created by Zach Mathis (@yamatosecurity) in 2012. At first, the main purpose was to provide security training to build a local security community in Western Japan but has grown to provide training, CTF events, webinars, etc... across the country for thousands of people.
Now, with a group of volunteer members, we are providing free open source DFIR tools such as Hayabusa, WELA, Takajo, etc...
Please contact us if you want to help out and contribute.
Main Projects
- Hayabusa - (隼) A sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
- Takajo - (鷹匠) An analyzer for Hayabusa results.
- WELA - ゑ羅(ウェラ)(Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs.
- Yamato Security's Windows Event Log Configuration Guide For DFIR And Threat Hunting - Documentation for how to configure proper Windows audit log settings and which categories and Event IDs are important to monitor.
- Presentations - Presentations in English and Japanese.