How to Detect Low Level Permission Changes in Active Directory

We hear a lot about tracking privileged access today because privileged users like Domain Admins can do a lot of damage. But more importantly, if their accounts are compromised the …

Are You Listening to Your Endpoints?

There’s plenty of interest in all kinds of advanced security technologies like threat intelligence, strong/dynamic authentication, data loss prevention and information rights management. However, so many organizations still don’t know …

Strengthen your defenses where the battle is actually being fought – the endpoint

By: Randy Franklin Smith
Defense-in-depth pretty much secures and confirms the thought that every security technology has a place but are they really all created equal? Security is not a …

Venom Vulnerability exposes most Data Centers to Cyber Attacks

Just after a new security vulnerability surfaced Wednesday, many tech outlets started comparing it with HeartBleed, the serious security glitch uncovered last year that rendered communications with many well-known web …

Four Key Steps to Rapid Incident Response

by Dan Sullivan
Is it possible to avoid security breaches? Judging from recent headlines, probably not. Victims range from startups like Kreditech, to major retailers like Target, to the US State …

Enriching Event Log Monitoring by Correlating Non Event Security Information

Sometimes we get hung up on event monitoring and forget about the “I” in SIEM which stands for information. Not forgetting Information is important because there are many sources of non-event …

Why Naming Conventions are Important to Log Monitoring

EventTracker January Newsletter By: Randy Franklin Smith
Log monitoring is difficult for many reasons. For one thing there are not many events that unquestionably indicate an intrusion or malicious activity. …

4 Fundamentals of Good Security Log Monitoring

December Newsletter By: Randy Franklin Smith
Effective security log monitoring is a very technical challenge that requires a lot of arcane knowledge and it is easy to get lost in …

Mobile and Remote Endpoints – Don’t Leave Them Out of Your Monitoring

November Newsletter By: Randy Franklin Smith
I’ve always tried to raise awareness about the importance of workstation security logs. Workstation endpoints are a crucial component of security and the first …

Laying Traps for External Information Thieves

October Newsletter by Randy Franklin Smith
Wouldn’t it be nice if you could detect when an external threat actor, who’s taken over one of your users’ endpoints, goes on a poaching …