"Introduces readers to the most common components of EDR systems including function hooking
callback notifications Event Tracing for Windows and filesystem minifilters by explaining
how they are implemented and how they collect various data points. Covers documented evasion
strategies for bypassing detections and describes how defenders might protect themselves"--
