This week I Cover my all-time favorite Windows event, security event 4688: new process creation. If you do windows, incident, response, forensics, this is a must-know know artifact.