How-tos and Free Guides for Windows Server
Step-by-step instructions on auditing the most critical events in Windows Server
Featured How-tos
Suspicious changes to Startup Registry keys can be a sign of malware activity. Timely detection of these changes can prevent loss of sensitive data.
This how-to shows two ways of detecting who created a new scheduled task on your windows server.
Video recording of user screen activity enables IT administrators to gain visibility into IT systems and control privileged user activity before a security breach occurs.
IT administrators need to monitor deletions of DHCP reservations to ensure no unauthorized changes took place, thus preventing system unavailability.
Continuous monitoring of DNS record deletions helps IT administrators detect abnormal actions in a timely manner and thereby avoid service unavailability.
To detect unauthorized software installation, IT pros need to monitor all changes made to server configuration and timely get alerted on them.
Free Reference Guides
Oracle Database Auditing
Azure AD Auditing
Best Practices for UBA
Best Practices for Data Access Governance
Exchange Online Mailbox Auditing
Exchange Online Auditing
Best Practices for File Analysis
Surviving Ransomware
Mitigating Insider Threats
Login/Logoff Auditing
Windows Server Auditing
Windows File Server Auditing
VMware Auditing
SQL Server Auditing
SharePoint Auditing
NetApp Storage Auditing
IIS Configuration Auditing
Group Policy Auditing
Exchange Server Auditing
Exchange Mailbox Auditing
EMC Storage Auditing
DNS Server Auditing
DHCP Auditing and Event Logging
Active Directory Auditing
Account Lockout Troubleshooting