Top 12 Events to Monitor in the Windows Server Security Log

About this webinar

Recorded: February 6, 2018

Last year we spent a lot of time, and rightly so, on Active Directory and domain controllers. But don’t forget your member servers. That’s where your data actually resides and bad guys can make a lot of noise once inside a member server that you won’t hear if you are only watching Active Directory. There’s a wealth of security information available in their logs. In this webinar Randy Franklin Smith highlights the 12 most important things to monitor in the Security Log of your Windows servers:

  1. Audit policy changes
  2. User right assignments
  3. Local account authentication policy changes
  4. Local user account changes
  5. Local account enumeration
  6. Logon right changes
  7. Local group membership changes
  8. New software installed
  9. Failed logon attempts
  10. Any attempt to logon as local Administrator
  11. Firewall policy change
  12. New device attached
Hosted by
Adam Stetson,
Systems Engineer
Randy Franklin Smith,
CEO, Monterey Technology Group, Inc.

How to Protect Identities and Secure Your Azure Environment

Azure AD allows you to layer features such as conditional access and multifactor authentication to help protect your users and data. Along with Azure Security Center, it helps monitor security across on-premises and cloud workloads. Unfortunately, incorporating Microsoft’s native tools alone is rarely enough to maintain a strong security posture of your Azure infrastructure.

In this session, @microspecialist Adnan Hendricks will explain how Microsoft’s built-in security controls can help you protect your organization — and why you need to augment them with enterprise-quality auditing. 

Join this webinar and learn:

  • How to strengthen user credentials and reduce your attack surface area using native tools
  • Why relying on native tools alone leaves critical security gaps
  • How Netwrix Auditor enhances auditing to deliver complete and reliable end-user security
  • How to spot threat patterns in time to prevent security breaches and even automate threat response

Register now and get a chance to win a $100 Amazon card!

13
December
1pm EST
13 December, 1pm EST
Register Now