Newsletters


SIEM and Return on Investment: Four Pillars for Success

EventTracker July Newsletter by Jim Romeo Return on investment (ROI) — it is the Achilles heel of IT management. Nobody minds spending money to avoid costs, prevent disasters, and ultimately yield more than the initial investment outlay. But is the … Continue reading



Tracking removable storage with the Windows Security Log

EventTracker June Newsletter By Randy Franklin Smith With data breaches and Snowden-like information grabs, I’m getting increased requests for how to track data moving to and from removable storage, such as flash drives.  The good news is that the Windows … Continue reading



Increasing Security and Driving Down Costs Using the DevOps Approach

EventTracker May 2014 Newsletter By Earl Follis and Ed Tittel The prevailing IT requirement tends toward doing more work faster, but with fewer resources to do such work, many companies must reconsider their traditional approaches to developing, deploying and maintaining … Continue reading



How to analyze login and pre-authentication failures for Windows Server 2003 R2 and below

EventTracker April 2014 Newsletter by Nikunj Shah Analyzing all the login and pre-authentication failures within your organization can be tedious. There are thousands of login failures generated for several reasons. Here we will discuss the different event IDs and error … Continue reading



Avenue to Compromise – Credential Theft

March 2014 EventTracker Newsletter By A.N. Ananth After an attacker has compromised a target infrastructure, the typical next step is credential theft. The objective is to propagate compromise across additional systems, and eventually target Active Directory and domain controllers to … Continue reading



Monitoring File Permission Changes with the Windows Security Log

January/February 2014 EventTracker Newsletter By Randy Franklin Smith Unstructured data access governance is a big compliance concern.  Unstructured data is difficult to secure because there’s so much of it, it’s growing so fast and it is user created so it … Continue reading



Information Security Officer Extraordinaire

EventTracker December Newsletter   Industry News: Lessons Learned From 4 Major Data Breaches In 2013 Dark Reading Last year at this time, the running count already totaled approximately 27.8 million records compromised and 637 breaches reported. This year, that tally … Continue reading



Auditing File Shares with the Windows Security Log

EventTracker November Newsletter By Randy Franklin Smith Over the years, security admins have repeatedly asked me how to audit file shares in Windows.  Until Windows Server 2008, there were no specific events for file shares.  The best we could do … Continue reading



Simplifying SIEM

EventTracker October Newsletter By A.N. Ananth, CEO, EventTracker Since its inception, SIEM has been something for the well-to-do IT Department; the one that can spend tens or hundreds of thousands of dollars on a capital acquisition of the technology and … Continue reading



Pay Attention to System Security Access Events

EventTracker September Newsletter By Randy Franklin Smith There are five different ways you can log on in Windows called “logon types.” The Windows Security Log lists the logon type in event ID 4624 whenever you log on. Logon type allows … Continue reading