Top 12 Events to Monitor in the Windows Server Security Log

About this webinar

Recorded: February 6, 2018

Last year we spent a lot of time, and rightly so, on Active Directory and domain controllers. But don’t forget your member servers. That’s where your data actually resides and bad guys can make a lot of noise once inside a member server that you won’t hear if you are only watching Active Directory. There’s a wealth of security information available in their logs. In this webinar, Randy Franklin Smith highlights the 12 most important things to monitor in the Security Log of your Windows servers:

  1. Audit policy changes
  2. User right assignments
  3. Local account authentication policy changes
  4. Local user account changes
  5. Local account enumeration
  6. Logon right changes
  7. Local group membership changes
  8. New software installed
  9. Failed logon attempts
  10. Any attempt to logon as local Administrator
  11. Firewall policy change
  12. New device attached
Hosted by
Adam Stetson,
Systems engineer
Randy Franklin Smith,
CEO, Monterey Technology Group, Inc.

Deep Dive: How to Reduce the Exposure of Your Critical Data

To reduce the overexposure of regulated and mission-critical data, it’s not enough to understand where it resides; you also need to uncover any issues that put the data at risk and quickly remediate them. With solutions from Netwrix, you can reduce the exposure of your sensitive data by moving it to a safe location, deleting confidential pieces of content from it and more.

Join us and discover how Netwrix solutions enable you to:

  • Understand which data needs protection and how exposed it is
  • Automatically migrate overexposed data to quarantine before a breach occurs
  • Automatically redact sensitive content from documents
  • Identify and revoke excessive permissions
  • Increase the accuracy of your data loss prevention (DLP) tool
29
August
9:00am PDT
29 August, 9:00am PDT
Register Now