Event Log Managment

Logs .. Logs and More Logs

Inside and Outside Hack Attempts

Over the last several years I have conducted quite a few webinars with Randy F. Smith on a variety of topics that relate to Windows Audit Policies and Log Management.  Two of these truly drive home the point about why you need to be looking at your logs (not just Windows but all sources; *NIX and Network Devices as well).  The first of these was conducted on Jan 20, 2009 entitled “Anatomy of a Hack: Tracking an Intruder with Security Logs” and most recently on Feb 4, 2010 entitled “Insider Gone Bad: Tracking Their Steps and Building Your Case with the Security Log “.


March 3, 2010 Posted by | Audit Policy, Audting, Event Log, Hacking, Log Management | , , , , , , , | Leave a comment

Detecting Insider Threats

Over the last few weeks I have been putting together a whitepaper on detecting insider threats (on a Windows network).  The paper is finished and is available here.  In the next few days I will be setting up a webinar that will cover this topic watch  <<removed>> for a link to the webinar.

**Some how I missed the links in this post and found it because someone clicked on the whitepaper link.  So July 23, 2011;  Do to some unforseen issues at Prism I can no longer in good faith promote their product or services and I have removed all links to their website.

April 29, 2009 Posted by | Audting, Hacking, Log Management | , | Leave a comment