Real time alerts sent to your pager is a nice idea but if you overdo it you run the risk of "cry wolf" syndrome in which no one pays attention any more. The key to responsive security monitoring is to limit real time alerts to events that are clearly malicious or have a high security impact and are very unusual in day-to-day operations. You only want the pager to go off if something truly unusual or wrong occurs which warrants immediate investigation.
In this seminar I will show you 12 events or event patterns from the Windows security log that deserve to go on your short list of consideration for real time alerting. I'll explain why these events are important to investigate and why they are unlikely to produce needless alerts in most environments. Join me for this highly researched and actionable list of suspicious events.
Thursday, June 14, 2007 12:00 PM - 1:00 PM EDT
Register now
Can't make the live event? Register anyway to receive a link to the recorded version
To Unsubscribe from this list please follow this link
http://www.ultimatewindowssecurity.com/absolutenl/user-unsubscribe.aspx?s=11849&l=4
No comments:
Post a Comment