Windows Security, et al

Log monitoring and the Terry Childs/City of San Francisco debacle

Tue, 29 Jul 2008 16:01:00 EST

Chances are you’ve heard about the network administrator, Terry Childs, who reportedly held the City of San Francisco’s network hostage last week rather than sharing access with fellow IT folks. Clearly, this was a management issue first and foremost. ...

New Features in LogRhythm 4.0 Deserve a Place on Your Short List

Wed, 4 Jun 2008 03:35:00 EST

I recently reviewed LogRhythm 4.0 and was suitably impressed. Especially by its normalization capability and efficient handling of huge amounts of log data. Click here to read my review.

WinSecWiki is Live!

Thu, 17 Jan 2008 08:12:00 EST

This post is to announce my new wiki devoted to all things Windows security related. As of today there are 745 pages that cover the core security settings of Windows and the all new security log in Vista and ...

PCI's 12 Requirements: Relative Ongoing Effort

Fri, 2 Nov 2007 13:50:00 EST

Get more tips from Randy on PCI:
Comply with PCI and Still Have a Life

Get more tips from Randy on PCI:
Comply with PCI and Still Have a Life

More granular audit policy in Vista and Windows Server 2008? Improvement?

Tue, 4 Sep 2007 07:21:00 EST

Over the years there's been a lot of complaints about how unflexible the audit policy in Windows. I've long pointed out that "You just can't configure the noise out of the security log; that's the job of your log management ...