In the final blog of this series, we’ll look at ways to integrate Windows event logs with other telemetry sources to provide a complete picture of a network environment. The…
Over the last three posts, we’ve looked at Microsoft event logging use cases and identified a set of must-have event IDs. Now we’re ready to put our security policy in…
Last year, the White House issued an Executive Order designed to strengthen cybersecurity efforts within federal agencies. The EO requires agencies to adhere to the National Institute of Standards and…
Anyone who has looked at the number of event IDs assigned to Windows events has probably felt overwhelmed. In the last blog, we looked at some best-practice events that…
Security is always an important topic with our government customers. Here’s an applicable article from my colleague, Joe Kim, in which he offers some tips on compliance. Ensuring that an…
Can you have too much of a good thing? Maybe not, but you can certainly have too much of the wrong thing. In my first blog, I introduced the idea…
We’ve all heard the saying, “What you see is what you get.” Life isn’t quite so simple for those focused on security, as what you don’t see is more likely…
When organizations first take on the challenge of setting up a disaster recovery plan, it’s almost always based on the premise that a complete failure will occur. With that in…
It’s the time of year when we look toward the future. Here’s an interesting article from my colleague, Joe Kim, where he provides a few predictions. Want a good idea…
In the fast-paced world of IT, can you afford to be a legacy IT pro? This is a concern for many, which makes it worth examining. IT functions have been…