Top 12 Events to Monitor in the Windows Server Security Log
About this webinar
Last year we spent a lot of time, and rightly so, on Active Directory and domain controllers. But don’t forget your member servers. That’s where your data actually resides and bad guys can make a lot of noise once inside a member server that you won’t hear if you are only watching Active Directory. There’s a wealth of security information available in their logs. In this webinar Randy Franklin Smith highlights the 12 most important things to monitor in the Security Log of your Windows servers:
- Audit policy changes
- User right assignments
- Local account authentication policy changes
- Local user account changes
- Local account enumeration
- Logon right changes
- Local group membership changes
- New software installed
- Failed logon attempts
- Any attempt to logon as local Administrator
- Firewall policy change
- New device attached
CEO, Monterey Technology Group, Inc.
Mitigating IT risks with Data Classification and Access Control
Your company may maintain terabytes of data. Your reputation and financial future remain at stake if someone steals personally identifiable information (PII) from a single unaccounted-for file. Your organization may need to pass compliance audits; what controls do you have in place to identify, classify, and secure your data?
Join industry analyst Tim Warner and Netwrix system engineer Jeff Melnick to learn how to start a corporate data classification and protection scheme right now. Ask Jeff and Tim questions and leave the webinar armed with practical advice and next step actions.