Webinars by Randy

Every month Randy hosts free webinars on a variety of information security topics. These sessions are fast, informative and practical. 1 CPE credit per webinar. PowerPoint slides provided so you can take notes.

Type Date Title Subject Area
Commissioned 10/20/2020 Ethical Hacking 101: Perform Your Own Privilege Elevation and Lateral Movements with Metasploit Windows Security
Commissioned 10/13/2020 Maze Ransomware Deep Dive: Using Threat Research Reports and MITRE ATT&CK to Turn Analysis into Action with Maze as an Example Windows Security
Commissioned 9/29/2020 Top 5 Security Tasks to Automate with PowerShell Workstation Security
Commissioned 9/22/2020 Comparing 4 Remote Access Paradigms for Supporting Today’s Remote Work Requirements and Risks Compliance
Commissioned 9/10/2020 Filling the Gaps in Microsoft Teams Security Compliance
Commissioned 9/3/2020 Next Generation Windows Event Collection: How to Instantly Load Balance WEC Collectors without Waiting for Computers to See Group Membership Changes Security Log
Commissioned 9/1/2020 The Gophish Toolkit: Running a Phishing Assessment Against Your Organization to Identify Technical and Social Engineering Weak Spots Network Security
Commissioned 8/27/2020 WiFi Pineapple: Targeted MitM, Credential Harvesting, and More Fun Network Security
Commissioned 8/25/2020 Top 4 Active Directory Security Issues from 2 Years of Security Assessments Active Directory
Commissioned 8/20/2020 Keeping Pace with Ransomware Tactics and Strategies: Lessons Learned from 1 Year of Attacks by WastedLocker, Maze, Evil Corp, NetWalker, et al Network Security
Commissioned 8/13/2020 DNS Threat Hunting: Exploiting Your Adversaries Dependence on Domain Names Network Security
Commissioned 8/11/2020 Tales from the Trenches: One Red Team’s Experiences Breaking into Networks for a Living Network Security
Commissioned 7/30/2020 EXPLOITING F5 BIG-IP: Deconstructing This Simple but Deadly Unauthenticated Remote Code Exploit and Why It’s More Than Just an F5 Issue Network Security
Commissioned 7/23/2020 Threat Hunting: Real Intrusions by State-Sponsored and eCrime Groups Network Security
Commissioned 7/9/2020 Anatomy of an Exploit: SMBGhost/CoronaBlue – How “Chompie” Achieved Unauthenticated Remote Code Execution Despite Windows 10’s Near Perfect Address Randomization Network Security
Commissioned 6/18/2020 Beyond Signatures: 6 Contextual and Human Intelligence Methods for Detecting Phishing and BEC Compliance
Commissioned 6/16/2020 Postmortem of Two Real World Attacks: 1) Fast-moving Ransomware 2) Webshell-based Data Exfiltration Network Security
Commissioned 6/9/2020 Anatomy of a Hacker Group: APT29 (aka Cozy Bear) Security Log
Commissioned 5/28/2020 Anatomy of a Citrix Hack: S**trix. Hands-on with Understanding, Detecting and Red Teaming this Exploit Network Security
Commissioned 5/14/2020 Top 9 Network Security Vulnerabilities Common to the Cloud Network Security
Commissioned 5/7/2020 Extra Vigilance: Top 3 Ways to Adapt Your Security Log Monitoring for the Surge in Working from Home Security Log
Commissioned 5/5/2020 Exploring 5 Techniques from the MITRE ATT&CK Cloud Matrix Specific to O365 Compliance
Commissioned 4/30/2020 Reducing Your MITRE ATT&CK Surface by Denying Admin Authority Compliance
Commissioned 4/21/2020 Trust or Zero Trust: Working Remotely and Going Beyond Privileged Access Management Compliance
Commissioned 4/16/2020 Double Edged Sword: Employing and Exploiting Machine Learning and AI by Red and Blue Teams Compliance
Commissioned 3/26/2020 Security Log Deep Dive: Mapping Active Directory Authentication and Account Management Events to MITRE ATT&CK TTPs Security Log
Commissioned 3/19/2020 Top 7 Best and Worst Ways to Avoid Alert Fatigue Security Log
Commissioned 3/17/2020 Anatomy of a Linux Hack: Skidmap Leverages Cron Jobs, PAM, Kernel Modules, and More Network Security
Commissioned 3/12/2020 Passive Inventory of Security Risks, Endpoints, Applications and Cloud Usage through Network Traffic Analysis Network Security
Commissioned 3/5/2020 4 Trending Phishing Techniques: Real Life Examples and Tips for Detection Network Security
Commissioned 2/20/2020 Case Study: 11 Real World Examples of Actual Data Compromised on the Dark Web Compliance
Commissioned 2/13/2020 Password Spray & Credential Stuffing: Protecting Active Directory From User Password Re-Use and Harvested Password Attacks Network Security
Commissioned 2/6/2020 Password Attacks with Kali Linux Network Security
Commissioned 1/30/2020 Remediate or Re-Install? 3 Steps for Surgical Removal of Malware Using the Latest Emotet as a Subject Workstation Security
Commissioned 1/28/2020 Beyond Commodity Malware: Catching the Human Attacker Controlling a Compromised Endpoint Workstation Security
Commissioned 1/23/2020 Active Defense: 7 Ways to Seize the Initiative and Get Out in Front of Threats Network Security
Commissioned 1/21/2020 Top 10 Event Categories to Monitor in the Windows Server Event Log Security Log
Commissioned 12/12/2019 Beyond IP/Hash/Domain: Leveraging Threat Feed Metadata for Better Context and Accuracy Network Security
Commissioned 12/10/2019 How to Secure Privileged Session Access to Cloud-based VMs; Hint: Don’t Expose SSH/RDP to the Internet Network Security
Commissioned 12/3/2019 Dissection 101: Step-By-Step Static Analysis of Unknown PE files (EXE) to Recognize Malware and Assess Impact Workstation Security
Commissioned 11/26/2019 Understanding SCIM for Identity Provisioning between Clouds and… Everything Compliance
Commissioned 11/19/2019 Are Firewalls Dead? Not by a Long Shot - But We Need to Make Some Changes Network Security
Commissioned 11/12/2019 PCI and the Windows/AD Environment: Understanding the 12 Requirements of the Data Security Standard in Context Compliance
Commissioned 11/7/2019 Data Loss Detection: Finding Your Data on the Dark Web and Beyond Compliance
Commissioned 11/5/2019 Anatomy of a DNS Hijacking: The Fascinating Case of the Sea Turtle Campaign Network Security
Commissioned 10/31/2019 Understanding Windows Event Collection (WEC/WEF): Planning, Troubleshooting and Performance Monitoring Security Log
Commissioned 10/24/2019 Detecting Insider Threats in Office 365 and Hybrid AD Compliance
Commissioned 10/22/2019 MacOS and Security: Understanding MacOS Malware and Attacks Workstation Security
Commissioned 10/10/2019 Anatomy of an Attack: MitM into O365, defeat MFA, then Lateral Movement into On-Prem Network Security
Commissioned 10/1/2019 Anatomy of RDP Exploits: BlueKeep, DejaBlue, MetaSploit and the Many Lessons To Be Learned Network Security
Commissioned 9/26/2019 Pushing the Limits of Network Security Monitoring: 5 Real-World Scenarios Network Security
Commissioned 9/19/2019 Access Hoarders, Group Sprawl and Permission Creep: Cleaning up AD Active Directory
Commissioned 9/12/2019 EDR is Critical But Let’s Up the Ante by Deploying Preventive Controls Upstream Workstation Security
Commissioned 9/10/2019 Exploiting Your Adversary’s Weak Spot: DNS Domain Names – A Natural Fit for SOAR Network Security
Commissioned 9/5/2019 Kubernetes Audit Logging: Containerized Apps are Only as Secure as the Cluster Where They Run Compliance
Commissioned 9/3/2019 Understanding Active Directory Authentication Events in the Windows Security Log and Beyond Active Directory
Commissioned 8/20/2019 Cloud VMs: Understanding and Securing the Multiple Routes to Privileged Access Compliance
Commissioned 8/15/2019 Detecting Persistence: Top 9 Security Changes to Monitor on Windows Server Security Log
Commissioned 8/6/2019 Top Indicator an Application Has Been Pwnd: Starting a LOLBin Windows Security
Commissioned 8/1/2019 Fully Mapping Your Internet Facing Attack Surface Network Security
Commissioned 7/23/2019 Using Honeypot Accounts and Hashes in Active Directory to Detect Pass-the-Hash & Credential Theft Windows Security
Commissioned 7/11/2019 5 Steps to Keeping Firewall Rules Up-to-Date and Secure Network Security
Commissioned 7/9/2019 Rethinking Active Directory Password Security – New Guidance from NIST Brings Long Needed Changes to Password Best Practices Active Directory
Commissioned 7/2/2019 Auditing Active Directory Changes with the Windows Security Log Active Directory
Commissioned 6/18/2019 Azure & O365 Audit Logging: 8 Events Across the Stack That You Want to Know When They Happen Compliance
Commissioned 6/11/2019 Threat Detection and Hunting for 5 of the Most Common MITRE ATT&CK Techniques: Connection Proxy, Service Execution, Exfiltration, Masquerading, Drive-by Compromise Network Security
Commissioned 6/4/2019 Artificial Intelligence & Machine Learning Applied to Infosec: Cutting Through the Hype by Looking at a Real-World Working Example In-Use Right Now Network Security
Commissioned 5/30/2019 Top 4 Most Dangerous Applications on Every Endpoint; Fighting Back with Detective and Preventive Controls Workstation Security
Commissioned 5/28/2019 Real Life Ethical Hack of a Power Station: Inside the mind of a Hacker on how to Successfully Break in and the Lessons Learned Network Security
Commissioned 5/23/2019 Building a Resilient Logging Pipeline: Windows Event Collection Tips and Tricks for When You Are Serious About Log Collection Security Log
Commissioned 5/21/2019 Container Security Fundamentals: How Containers Work in Linux and Docker, How They Differ from VMs and What It Means to Security Network Security
Commissioned 5/2/2019 How to Prove Your Firewalls Actually Do What You Intend Using Multiple Vantage Points and Tools from Kali Linux Network Security
Commissioned 4/30/2019 Exploring Windows Server’s Data Classification Infrastructure to Find Private Data and Comply with GDPR, et al Compliance
Commissioned 4/25/2019 AD Attack Deep Dive: Gaining Persistence using DCSync and DCShadow with Mimikatz Active Directory
Commissioned 4/23/2019 Osquery Deep Dive: Doing Low Level Analytics and Monitoring for Windows/Linux/macOS Windows Security
Commissioned 4/16/2019 Preparing for Total Annihilation of Your Infrastructure Compliance
Commissioned 4/11/2019 Deciding Which Security Event Logs to Collect and How to Process Them in Your SIEM and Beyond Security Log
Commissioned 4/9/2019 How Modern Single Page Web Applications Break Traditional Application Vulnerability Scanning Compliance
Commissioned 3/28/2019 Detecting Threats in Encrypted Traffic on Your Global Network without Breaking the Law Network Security
Commissioned 3/26/2019 SIEM Delivery Models: Where Do Today’s Risks and Future Technology Point? Security Log
Commissioned 3/21/2019 Malicious Traffic: Understanding What Does and Doesn’t Belong on Your Unique Network Network Security
Commissioned 3/19/2019 Anatomy of a Hack: How TEMP.Mixmaster Attackers Use TrickBot and Ryuk To Poach Big Game Workstation Security
Commissioned 3/14/2019 Emotet: Dissecting the Info Stealing Trojan That Keeps Going Workstation Security
Commissioned 3/12/2019 Detecting When Attackers Use Trusted Windows Components Like cmd, powershell, wmic, mshta, regsvr32 for Malicious Operations Windows Security
Commissioned 3/7/2019 Securing Privilege Outside the IT Department: High Value Transactions, Vulnerable Applications and Access to Critical Information Compliance
Commissioned 2/28/2019 5 Steps to Comprehensively Mapping Your Attack Surface Network Security
Commissioned 2/26/2019 Understanding and Managing Organizational Units and Groups in Active Directory Active Directory
Commissioned 2/7/2019 Staying Open for Business Against DDOS Attackers Requires More than Just Blocking Traffic Network Security
Commissioned 1/29/2019 Closing the Loop: Detecting Vulnerabilities is Great but Risk Only Decreases After Remediation Compliance
Commissioned 12/18/2018 Building MITRE ATT&CK Technique Detection into Your Security Monitoring Environment Security Log
Commissioned 12/11/2018 A Compromised Entity is Detected: 3+ Ways to Automatically Contain the Threat Compliance
Commissioned 12/6/2018 The Year in Review: From the Totally New Spectre & Meltdown to Pathetically Old Flash; There's Plenty to Learn from 2018 Compliance
Commissioned 11/27/2018 Checking your Application Against the OWASP Top 10 Security Risks Network Security
Commissioned 11/8/2018 Dabble or Deep Dive: 7 Different Threat Hunts You Can Do With Available Resources Security Log
Commissioned 11/6/2018 AWS Network Security Deep Dive: Providing Network Protection for AWS Cloud Resources Network Security
Commissioned 11/1/2018 Detecting Targeted Spearphishing Campaigns in the Preparation Phase Compliance
Commissioned 10/30/2018 Managing File Share Security on Windows Servers Windows Security
Commissioned 10/23/2018 Limit the Fallout When Users Fall Victim: Threat Vectors Eliminated by Implementing Least Privilege on Workstations Workstation Security
Commissioned 10/16/2018 Top 10 Steps to Hardening Linux Systems Network Security
Commissioned 10/11/2018 Tracking Group Membership Changes in Active Directory Active Directory
Commissioned 10/9/2018 Managing Local Administrator Accounts with LAPS; And Protecting LAPS from Attack Windows Security
Commissioned 10/4/2018 Why Multi-factor Authentication Can’t Prevent Pass-the-Hash Attacks and Alternative Mitigation Methods Network Security
Commissioned 10/2/2018 4 Threat Detections using Active Directory Authentication Events from the Windows Security Log Security Log
Commissioned 9/25/2018 Understanding How Attackers use Malicious JavaScript Network Security
Commissioned 9/13/2018 Which User and What Program Sent This Packet, and Should I be Concerned? Correlating Network Security Alerts with Host Logs for Full Traffic Attribution Security Log
Commissioned 9/6/2018 Seeing Inside Encrypted Traffic: Blocking Threats and Enforcing Policy While Preserving Security, Compliance and Performance Network Security
Commissioned 8/30/2018 5 Ways to Respond Faster and Automate Security through 2-Way Integration Between SIEM and IAM Security Log
Commissioned 8/28/2018 Office Macro Exploitation: Mitigating and Threat Hunting This Widely Exploited Vector Workstation Security
Commissioned 8/23/2018 How Attackers Exploit the Windows Registry for Persistence, Hiding File-less Malware, Privilege Elevation and More Windows Security
Commissioned 8/21/2018 Anatomy of a Hack: How Cryptojacking Works, Why It’s Growing, Its Risks and Detection Network Security
Commissioned 8/16/2018 Migrating to the Cloud? Don’t Forget Your Firewalls Network Security
Commissioned 7/31/2018 Privileged Insiders Gone Rogue: Tales from Tesla, Trains, Pharma, a Boot Maker and Beyond Compliance
Commissioned 7/24/2018 Using YARA to Describe, Classify and Search for Malware Security Log
Commissioned 7/19/2018 Understanding OneDrive for Business Security and Monitoring Security Log
Commissioned 7/17/2018 Correlating DHCP, DNS and Active Directory data with Network Logs for User Attribution Network Security
Commissioned 7/12/2018 Migrating from Shared Accounts to the Dual Account Model to Manage Risk, Enforce Accountability and Facilitate Behavior Analytics for Privileged Account Activity Compliance
Commissioned 6/21/2018 “Wait… That’s Not How Susan Types. Kill that Session Now!”: 8 Ways to Analyze Privileged Sessions to Identify Your Most Suspicious Activity. Compliance
Commissioned 6/19/2018 When Your SIEM Cries Wolf Too Many Times: Addressing Alert Fatigue with Security Automation and Orchestration (SAO) Compliance
Commissioned 5/31/2018 Threat Hunting with DNS Domain Names Collected from All Over Your Network Network Security
Commissioned 5/22/2018 Getting to Least Privilege on Windows 10 and Windows Server 2016 Workstation Security
Commissioned 5/17/2018 Quantifying Potential Lateral Movement Exposure for Privileged Accounts in Active Directory Active Directory
Commissioned 5/10/2018 Anatomy of an Attack: How the Bad Guys Use Certutil and MSBuild to Stay Below the Radar Workstation Security
Commissioned 5/8/2018 Identifying Abnormal Authentication: Associating Users with Workstations and Detecting When Users (Try to) Logon to Someone Else’s Workstation Workstation Security
Commissioned 5/3/2018 Linux Security Deep Dive: How LD_PRELOAD Makes It Possible to Audit and Control Root Users Network Security
Commissioned 5/1/2018 Top 8 Factors to Analyze to Determine the Real Risk of a Vulnerability: CVSS Score Is Only the Beginning Compliance
Commissioned 4/26/2018 Anatomy of an Attack: How Password Spraying Exploits Weak Passwords So Effectively Active Directory
Commissioned 4/19/2018 5 Ways to Use System Status, Availability and Performance Data to Enhance Security Monitoring Network Security
Commissioned 4/12/2018 3 Ambiguities in One Simple Rule: How to Stop Writing Firewall Rules and Start Controlling Network Security Based on Your Actual Intent Network Security
Commissioned 4/4/2018 Understanding Alternative Technologies for SMB Fail-Over Disaster Recovery for On-Prem Servers Network Security
Commissioned 3/29/2018 Top 3 Workstation Logs to Monitor for Early Detection of Attacks: Security Log, PowerShell, Sysmon Network Security
Commissioned 3/27/2018 Top Windows Security Log Events for User Behavior Analysis Security Log
Commissioned 3/22/2018 What’s New in SQL Server Audit Logging: SQL Server 2016 SP1, 2017, Linux and Azure Active Directory
Commissioned 3/13/2018 Using VirusTotal for More than Simple AV Checks: How to Leverage Their Big Data to Threat Hunt in Your Network Network Security
Commissioned 3/8/2018 How to do Logon Session Auditing with the Windows Security Log Security Log
Commissioned 2/27/2018 Shortening the Risk Window of Unpatched Vulnerabilities Compliance
Commissioned 2/20/2018 Anatomy of 3 DDoS Attacks: Volumetric, Network, Application Network Security
Commissioned 2/15/2018 Detect and Monitor Threats to your Executive Mailboxes with Exchange Mailbox Auditing Compliance
Commissioned 2/13/2018 Network Segmentation: Implement Roadblocks on the Attack Surface, Stop Malicious Spread Network Security
Commissioned 2/8/2018 Integrating Linux with Active Directory for Users, Groups, Kerberos Authentication, and even Group Policy Compliance
Commissioned 2/6/2018 Understanding Spectre and Meltdown: The Facts, How to Mitigate, Where We Go from Here Workstation Security
Commissioned 2/1/2018 How to Analyze Logon Attacks with the Windows Security Logs Windows Security
Commissioned 1/30/2018 Top 12 Events to Monitor in the Windows Server Security Log Security Log
Commissioned 1/25/2018 How the NIST Cybersecurity Framework Works: Tiers, Profiles, Functions and Categories Compliance
Commissioned 1/18/2018 Using File Integrity Monitoring to Catch Imposter EXE/DLL Replacements and Tampering – Without the Noise Security Log
Commissioned 1/11/2018 Top 7 Indicators a Domain is Malicious Network Security
Commissioned 1/9/2018 Where to Protect Privileged Sessions with MFA: 1) Direct Integration, 2) at Privileged Access Management, 3) at Federated SSO/CASB or 4) with NGFW Reverse Proxy? Compliance
Commissioned 12/7/2017 Using Message Tracking Logs from Office 365 to Detect and Respond to Phishing Attacks Compliance
Commissioned 12/6/2017 6 Ways to Evaluate Firewall Change Requests to Ensure Security and Compliance and Prevent Risk Creep Network Security
Commissioned 12/5/2017 Pre-empting Mimikatz Attacks on Privileged Accounts Using Password Isolation Human Presence MFA Workstation Security
Commissioned 11/14/2017 Building a Secure Hosting Environment for Red Forest Domain Controllers Active Directory
Commissioned 11/9/2017 6 Steps for Firewall Assessment for Compliance and Security Network Security
Commissioned 11/7/2017 Kali Linux: Using John the Ripper, Hashcat and Other Tools to Steal Privileged Accounts Network Security
Commissioned 11/2/2017 Preparing for the Disgruntled Privileged User: 3+ Ways They Can Hose Your Environment in Minutes Compliance
Commissioned 11/1/2017 Integrating Identity and Authentication Events to Improve SIEM Threat Detection Security Log
Commissioned 10/31/2017 Connecting the Dots Between Indicators of Compromise to See the Whole Attack Windows Security
Commissioned 10/26/2017 Admin/Admin and Other Signs You’re Headed for an “Equifiasco” Active Directory
Commissioned 10/24/2017 DNS Deep Dive: How Attackers Use DNS to Find C2 Servers, Control Compromised Systems, and Exfiltrate Your Data Network Security
Commissioned 10/19/2017 ArcSight’s WUC and WiNC with Native Windows Event Collection: How to Get Events into ArcSight Without the Pain Security Log
Commissioned 10/17/2017 3-Dimensional Security Monitoring for Azure Virtual Machines in the Cloud: Auditing the Control, Data and Windows Planes Security Log
Commissioned 10/12/2017 10+ Up-To-Date Ways to Harden Windows Against Modern Active Directory Attacks Active Directory
Commissioned 10/5/2017 Monitoring Privileged Accounts with the Windows Security Log to Catch Lateral Movement by Mimikatz and other Credential Harvesting Security Log
Commissioned 9/28/2017 3 Modern Active Directory Attack Scenarios and How to Detect Them Active Directory
Commissioned 9/26/2017 Linux Security: Top Files and Directories to Monitor in Linux to Catch Attackers Network Security
Commissioned 9/21/2017 How Hybrid Clouds Connect to Your Network; Understanding and Mitigating the Risks of VPN-to-Cloud and Cloud Application Gateways Network Security
Commissioned 9/19/2017 Top 5 Ways for Analyzing Entitlements and Identifying High-Risk Active Directory
Commissioned 9/14/2017 Tracking Access, Sharing and Administration of Files in SharePoint Online and OneDrive for Business Security Log
Commissioned 9/7/2017 XPath Deep Dive: Building Advanced Filters for Windows Event Collection Security Log
Commissioned 8/31/2017 Profiling Your Attacker: How to Take a Single Domain or IP and Map Out the Infrastructure of a Bad Actor Network Security
Commissioned 8/29/2017 WSUS vs. SCCM: Which is the best way to go for security patching? Windows Security
Commissioned 8/24/2017 Regulating Privileged Access: When to Require Human Approval Workflows Active Directory
Commissioned 8/23/2017 Getting all Your Security Information Into One Place and Searching It Like Google Network Security
Commissioned 8/22/2017 Correlating Vulnerability Scans with Network Path Analysis to Find and Remediate the Biggest Risks to Your Network and Avoid Wasting Time on the Little Ones Network Security
Commissioned 8/17/2017 QRadar WinCollect and Native Windows Event Collection: How to Do It Right, Filter the Noise and Simplify your Infrastructure Security Log
Commissioned 8/15/2017 Understanding Azure Log Integration (AzLog): Microsoft’s New Tool for Bringing Azure Visibility to Your SIEM Security Log
Commissioned 8/3/2017 Ransomware: Attack Methods Being Used to Evade Antivirus and Next Gen Firewalls Network Security
Commissioned 7/27/2017 Something Worse Than Ransomware: Architecting for a New Breed of Malware that Simply Destroys Network Security
Commissioned 7/20/2017 Understanding Office 365 Logon Events to Catch Intrusion Attempts Compliance
Commissioned 7/13/2017 Forget Recovering from Ransomware; Modern Backup Technology can Detect Ransomware Network Security
Commissioned 6/29/2017 How RSA SecurID® Access Blends Dynamic Risk Analytics, UX and Flexibility to Make Strong Authentication More Convenient Network Security
Commissioned 6/27/2017 How to Secure Group Policy, Detect Unauthorized Changes, Prevent Configuration Disasters and Recover When Necessary Active Directory
Commissioned 6/22/2017 My Roadmap for Helping You Monitor Workstations for Early Detection of APTs and Ransomware Workstation Security
Commissioned 6/8/2017 Top 5 Things to Monitor on Privileged Accounts to Detect Outsider Exploitation and Insider Misuse Active Directory
Commissioned 6/6/2017 Top 5 Risks of “Dirty” Firewalls Active Directory
Commissioned 5/30/2017 How to Monitor Active Directory Changes for Free: Using Splunk Free, Supercharger Free and My New Splunk App Active Directory
Commissioned 5/25/2017 Non-Malware Attacks: How to Speed Up Your SOC by detecting and responding to “File-less” attacks on Endpoints Active Directory
Commissioned 5/23/2017 Using Sysmon v6.01 to Really See What’s Happening on Endpoints; It’s Better than the Windows Security Log Windows Security
Commissioned 5/18/2017 Top 6 Active Directory Infrastructure Risk Findings Network Security
Commissioned 5/16/2017 LogRhythm and Native Windows Event Forwarding: How to Do It Right, Filter the Noise and Simplify your Infrastructure Network Security
Commissioned 5/11/2017 Understanding Proxy-Based Privileged Password/Session Management Workstation Security
Commissioned 4/27/2017 Step-By-Step Incident Response for Top 3 Security Scenarios Workstation Security
Commissioned 4/25/2017 Integrating Splunk with native Windows Event Collection (WEC) and Optional 2-Stage Noise Filtering Security Log
Commissioned 4/20/2017 How to Detect 2 Computers on Your Network Talking to Each Other for the First Time and Why It Matters Security Log
Commissioned 4/18/2017 Protecting Active Directory from Malicious and Accidental Destruction: When Recycle Bin Isn’t Enough Active Directory
Commissioned 4/13/2017 Implementing WSUS to Deploy Microsoft, 3rd Party and Custom Patches across Your Enterprise Windows Security
Commissioned 3/30/2017 Bridging the Gap between Cloud 2-Factor Authentication and On-Premise Resources using RADIUS Active Directory
Commissioned 3/23/2017 Detecting Unauthorized Changes Originating in Azure Active Directory and Limiting Impact to On-Prem AD Active Directory
Commissioned 3/21/2017 Managing Large Windows Event Collection Implementations: Load Balancing Across Multiple Collectors Security Log
Commissioned 3/16/2017 Detecting Lateral Movement with New Events in the Windows Server 2016 Security Log Workstation Security
Commissioned 3/9/2017 Systematically Identifying Absolutely Every Privileged User and Detecting New Ones Active Directory
Commissioned 2/28/2017 Building the Ultimate Active Directory Domain Controller Security Environment Active Directory
Commissioned 2/23/2017 It’s Time to Unleash the Power of Native Windows Event Collection Active Directory
Commissioned 2/21/2017 Malicious or Innocent: How to Investigate Account Lockouts in the Active Directory Environment Active Directory
Commissioned 2/16/2017 Understanding Security and Privileged Access in Azure Active Directory Compliance
Commissioned 2/9/2017 PowerShell Empire is the Proof that We Need to Prevent Attacks Instead of Just Searching for Malware Workstation Security
Commissioned 2/7/2017 Top 6 Findings in 2016 from Analyzing Firewalls, Email Security Appliances, Endpoints, Honeypots and Multiple Sandbox Engines Network Security
Commissioned 1/31/2017 Solid State Drives (SSD) Secure Data Removal Deep Dive: What it Takes to Really Make the Data Go Away Compliance
Commissioned 1/24/2017 Configuring Linux and Macs to Use Active Directory for Users, Groups, Kerberos Authentication and even Group Policy Active Directory
Commissioned 1/12/2017 Understanding “Red Forest”: The 3-Tier Enhanced Security Admin Environment (ESAE) and Alternative Ways to Protect Privileged Credentials Active Directory
Commissioned 12/14/2016 The San Fran Muni Ransomware Attack: What Really Happened and What We Learn from the Criminal Who Himself Got Hacked Active Directory
Commissioned 12/8/2016 Locking Down Linux: AppArmor vs SELinux Compliance
Commissioned 12/6/2016 How to Detect Unauthorized Queries Against Sensitive SQL Databases without all the Noise of the Trusted Application Active Directory
Commissioned 11/30/2016 Good Linux Security Needs File Integrity Monitoring Compliance
Commissioned 11/29/2016 Protecting ALL the Privileged Accounts in Your Environment and the Cloud Compliance
Commissioned 11/17/2016 Monitoring changes and access events in AD and Azure AD. What is similar and what is different? How do synchronization and federation play in? Active Directory
Commissioned 11/15/2016 How to Audit Privileged Operations and Mailbox Access in Office 365 Exchange Online Audit Collection Services (ACS)
Commissioned 11/3/2016 Monitoring Active Directory Changes for Compliance: Top 32 Security Events IDs to Watch and What They Mean Security Log
Commissioned 11/1/2016 Deploying Honeynets Outside and Inside Your Network and Integration with Your SIEM Network Security
Commissioned 10/27/2016 14 Group Policy Security Risks and How to Control them Workstation Security
Commissioned 10/25/2016 Understanding Office 365 Unified Audit Logging Compliance
Commissioned 10/20/2016 How to Detect SQL Server Hacking without Crippling Performance or Impacting Availability SQL Server
Commissioned 10/13/2016 Leveraging SCCM to Manage the Security of Your Endpoints Windows Security
Commissioned 9/28/2016 Centralizing Sudo Management for Securing Linux and UNIX Compliance
Commissioned 9/27/2016 How Sandboxes Detonate-to-Detect Malware and How Malware Evades Sandboxes Workstation Security
Commissioned 9/20/2016 25 User Behavior Analytics that Indicate Malicious Insider or Compromised Account Windows Security
Commissioned 9/15/2016 Coping with the Challenges of Exchange Mailbox Auditing Exchange
Commissioned 9/8/2016 When and Why Encryption Doesn’t Protect Your Data Against Malware Workstation Security
Commissioned 8/30/2016 How to Monitor File Access to Detect Any Ransomware – “Look Ma, No Signatures!” Active Directory
Commissioned 8/25/2016 Why Best Practices like RunAs and 2-Accounts Don’t Protect Admin Accounts Against Modern Endpoint Threats Workstation Security
Commissioned 8/16/2016 Top 8 Things to Analyze in Outbound Packets to Detect Compromised Systems Workstation Security
Commissioned 7/28/2016 How the SWIFT Hack Went Down and How to Benefit from the Lessons Learned Workstation Security
Commissioned 7/26/2016 SIEM Integration with SharePoint: Monitoring Access to the Sensitive Unstructured Data in SharePoint SharePoint
Commissioned 7/21/2016 Top 7 Ways to Protect Admin Passwords from Theft via Pass-the-Hash and Other Attacks Active Directory
Commissioned 7/19/2016 Implementing Win 2012 R2 Authentication Silos and the Protected Users Group to Protect Privileged Accounts from Modern Attacks Active Directory
Commissioned 7/14/2016 Filling the Gaps in Active Directory Monitoring Active Directory
Commissioned 6/28/2016 Getting Control of Employee Web Access with Proxy Server and Next Generation Firewall Technologies Compliance
Commissioned 6/9/2016 Designing a Multi-layered Active Directory Security Infrastructure Active Directory
Commissioned 6/2/2016 Top 8 Security Features in Skylake PCs Workstation Security
Commissioned 5/26/2016 DNS Security: How to Detect Compromised Endpoints by Analyzing DNS Activity from Your DNS Server Logs and Network Activity Workstation Security
Commissioned 5/12/2016 Leveraging your SIEM to Catch and Respond to Ransomware Before It Spreads Security Log
Commissioned 4/28/2016 What One Digital Forensics Expert Found On Hundreds of Hard Drives, iPhones and Android Devices Workstation Security
Commissioned 4/25/2016 Enterprise Targeted Ransomware is Just Getting Started: Here’s How to Get Ahead of the Curve Active Directory
Commissioned 4/21/2016 Doing Multi-Factor Authentication Right the First Time: 8 Technical Requirements Windows Security
Commissioned 4/19/2016 Monitoring Group Membership Changes in Active Directory Active Directory
Commissioned 4/14/2016 Auditing Permission Changes on Windows File Servers and NAS Filers Security Log
Commissioned 3/31/2016 Understanding OpenID Connect and OAuth v2.0: How They Work and How to be Secure Active Directory
Security Log Secrets 3/24/2016 6 Steps to Determine if an Unknown Program is Safe or Malicious Windows Security
Commissioned 3/15/2016 Hybrid Directory Governance: Understanding How Security Works in a Hybrid Active Directory Environment of On-Premises AD / Azure AD and Office 365 Active Directory
Commissioned 3/10/2016 Decommissioned Hard Drives: How To KNOW your Data is Destroyed without Creating Toxic Waste or High Cost Compliance
Commissioned 3/3/2016 Defending the Top 8 Most Targeted Applications on Windows Endpoints Compliance
Security Log Secrets 3/1/2016 Who’s Attacking Your Database? Monitoring Authentication and Logon Failures in SQL Server SQL Server
Commissioned 2/25/2016 Extending the Kill Chain with lateral movement on 5 Windows Systems Using Multiple Intrusion Techniques Active Directory
Security Log Secrets 2/16/2016 PowerShell Audit Logging Deep Dive: Catch Intruders Living off the Land and Enforce Privileged User Accountability Compliance
Commissioned 2/3/2016 Protecting Mac OS X from Privilege Elevation Attacks and Related Endpoint Security Risks Active Directory
Commissioned 1/21/2016 Severing the Horizontal Kill Chain: Using Micro-Segmentation in Your Virtualization Infrastructure to Prevent Attackers from Jumping from VM to VM Workstation Security
Commissioned 1/19/2016 How One Organization Brought 800 Desktops into Compliance while Eliminating Overtime, Downtime and Staff Expansion Active Directory
Commissioned 1/12/2016 What Have We Learned from Recent Breaches: 8 Lessons to Take to Heart Workstation Security
Commissioned 12/17/2015 2015 UltimateWindowsSecurity.com Community Survey Highlights Active Directory
Commissioned 12/15/2015 Implementing Windows AppLocker in Audit Mode for Immediate Detection of Unauthorized Programs, Scripts and Software Installation Active Directory
Commissioned 12/10/2015 Understanding Mobile Device Management: iOS and Android, BYOD and Company-Owned Compliance
Commissioned 12/8/2015 3 Authentication Scenarios that Demonstrate Why Federation Really is Safer Active Directory
Security Log Secrets 12/3/2015 Detect and monitor threats to your executive mailboxes with Exchange mailbox auditing Compliance
Commissioned 12/1/2015 Deep Packet Inspection for SSL: How to Defeat Intruders Hiding their Communications Inside Encrypted Channels Workstation Security
Commissioned 11/19/2015 Monitoring What Your Privileged Users are doing on Linux and UNIX Compliance
Commissioned 11/17/2015 Windows BitLocker Encryption Deep Dive: How it Works and How to Fulfill Enterprise Management and Compliance Requirements Active Directory
Commissioned 11/12/2015 Dealing with the Drudgery of Patching Java and Mitigating the Risks of Java Workstation Security
Commissioned 11/4/2015 Hardening Windows Endpoints with Standards-based Configuration Management: USGCB vs CIS Benchmarks and Beyond Compliance
Security Log Secrets 11/3/2015 What’s New in the Windows 10 Security Log Security Log
Commissioned 10/29/2015 Understanding the NIST Cybersecurity Framework: Different, Scalable and Practical Active Directory
Commissioned 10/27/2015 PowerShell Attack Scenarios: How Attackers Do It and How to Detect Active Directory
Commissioned 10/20/2015 Exploring the New FTP Security Enhancements in IIS Workstation Security
Commissioned 10/15/2015 Ransomware Deconstructed: Beyond CryptoLocker and into the World of Crowdsourced Malware Workstation Security
Commissioned 10/14/2015 Top 12 Workstation Security Controls Workstation Security
Commissioned 10/8/2015 5 Indicators of Evil on Windows Hosts using Endpoint Threat Detection and Response Workstation Security
Commissioned 10/1/2015 Live Hacking: Recovering Confidential Data from a Re-Formatted Hard Drive; How to Really Erase Data Active Directory
Commissioned 9/29/2015 Understanding Identity and Access Management Compliance Requirements for PCI, HIPAA, SOX and ISO 27001 Compliance
Security Log Secrets 9/17/2015 Detecting New Programs and Modifications to Executable Files with Windows File Access Auditing and File Integrity Monitoring Security Log
Commissioned 9/15/2015 Windows 10 Device Guard Deep Dive: Using Code Integrity to Stop Mal-Agents Workstation Security
Commissioned 9/10/2015 Top 12 Most Damaging Active Directory Security Malpractices Active Directory
Commissioned 9/8/2015 Using Capture the Flag and Security Simulations to Improve Response Time, Hone Skills and Find Vulnerabilities Active Directory
Commissioned 8/27/2015 How to sudo it right in Linux and Unix for security, manageability, compliance and accountability Active Directory
Commissioned 8/25/2015 Prioritizing the SANS 20 Critical Security Controls to Solve Endpoint Security Risks Active Directory
Security Log Secrets 8/18/2015 Monitoring Privileged Access on SQL Server SQL Server
Commissioned 8/13/2015 Stopping Exfiltration of Files without Stopping the Flow of Business Compliance
Security Log Secrets 7/30/2015 Anatomy of a Hack Disrupted: How One SIEM’s Out-of-the-Box Rules Caught an Intrusion and Beyond Security Log
Commissioned 7/28/2015 Under the Hood with Windows 10 Security Windows Security
Commissioned 7/23/2015 No Account Left Behind: Cleaning up user accounts and reducing risk Active Directory
Commissioned 7/21/2015 Beyond Root: Securing Privileged Access in Linux with Sudo Workstation Security
Security Log Secrets 7/16/2015 Using Splunk and LOGbinder to Monitor SQL Server, SharePoint and Exchange Audit Events SQL Server
Commissioned 7/14/2015 Fixing One of the Weakest Links in Security: Insecure File Transfers between Systems Compliance
Commissioned 6/30/2015 Top 10 Indicators of Tampering with Privileged Accounts Security Log
Security Log Secrets 6/11/2015 Monitoring Security Logs from VMware vCenter and ESXi Security Log
Commissioned 6/4/2015 Top 10 Tasks to Automate in Active Directory to Save Time, Prove Compliance and Ensure Security Active Directory
Security Log Secrets 5/28/2015 Windows Security Log Deep Dive: Understanding Kerberos Authentication Events from Domain Controllers Active Directory
Commissioned 5/7/2015 2 Factor, SSO, Federation and Cloud Identity are Awesome but it’s all for Naught if You Leave this One Backdoor Open Workstation Security
Security Log Secrets 5/5/2015 Protecting AD Domain Admins with Logon Restrictions and Windows Security Log Active Directory
Commissioned 4/30/2015 Protecting Active Directory from Malicious and Accidental Destruction: When Recycle Bin Isn’t Enough Active Directory
Security Log Secrets 4/28/2015 SharePoint Defense-In-Depth Monitoring: What to Watch at the App, DB and OS Level – and How? SharePoint
Commissioned 4/16/2015 Understanding Privileged User Compliance Requirements for PCI, HIPAA, SOX and ISO 27001 Compliance
Commissioned 4/7/2015 Protecting FTP Servers Exposed to the Internet Compliance
Commissioned 3/26/2015 Protecting Web and Cloud Apps with Dynamic Controls: IP Restrictions, Tokens, Authenticator Apps, SMS Messages and More Compliance
Security Log Secrets 3/24/2015 Rev Up Your SIEM with These Top 8 High Value Security Event Sources Security Log
Commissioned 3/5/2015 Patching Acrobat and Adobe Reader with System Center Configuration Manager Compliance
Commissioned 2/26/2015 How to Use EmergingThreats.net and other Threat Intelligence Feeds with Your SIEM Security Log
Commissioned 2/24/2015 Anatomy of a Data Breach: Tracing a Case of Unauthorized File Access with the Windows Security Log Security Log
Commissioned 2/19/2015 Eliminating FTP: Securing File Transfers with Secure Shell for Encryption and Compliance Compliance
Commissioned 2/10/2015 Solving Windows 2003 End of Life Security Risks: Migration Strategies and Compensating Controls for Beyond July 14, 2015 Workstation Security
Security Log Secrets 1/29/2015 Managing Mailbox Audit Policy in Exchange 2013 Exchange
Commissioned 12/16/2014 Pre-empting Pass-the-Hash Attacks on Windows Systems Workstation Security
Commissioned 12/11/2014 How to Monitor Network Activity with the Windows Security & Firewall Logs to Detect Inbound and Outbound Attacks Security Log
Security Log Secrets 12/9/2014 Setting up Internal Linux and Windows Honeypots to Catch Intruders Security Log
Commissioned 11/18/2014 Shellshock 101: What is Bash? How do Shellshock attacks work? Where are you still vulnerable? How to fix? Compliance
Commissioned 11/13/2014 Addressing the Risk of Unpatched Virtual Machines: Live, Offline and Template Compliance
Commissioned 11/6/2014 Early Detection: Monitoring Mobile and Remote Workstations in Real-Time with the Windows Security Log Security Log
Security Log Secrets 10/16/2014 Not Monitoring SQL Server with Your SIEM is Close to Negligent: What are Your Options? SQL Server
Commissioned 10/9/2014 Spotting the Adversary with Windows Event Log Monitoring: An Analysis of NSA Guidance Security Log
Commissioned 9/18/2014 Correlating Tactical Threat Data Feeds with Security Logs for More Intelligent Monitoring Security Log
Commissioned 8/28/2014 How to do Logon Session Auditing with the Windows Security Log Security Log
Security Log Secrets 8/21/2014 Catching Web Based Attacks with W3C Logs from IIS and Apache Security Log
Commissioned 8/19/2014 Using System Center Configuration Manager 2012 R2 to Patch Linux, UNIX and Macs Workstation Security
Commissioned 7/14/2014 Windows Security Log File Access Auditing Deep Dive Windows Security
Commissioned 6/17/2014 Top 10 Things to Secure on iOS and Android to Protect Corporate Information Windows Security
Security Log Secrets 6/10/2014 Specific Security Monitoring Lessons Learned from: Target, Neiman Marcus, Sony and other breaches Windows Security
Security Log Secrets 6/5/2014 Exploring Win2008/2012’s Windows Event Collection Service Windows Security
Security Log Secrets 6/3/2014 Detecting Information Grabs of Confidential Documents in SharePoint SharePoint
Commissioned 5/22/2014 5 Ways to Protect XP beyond End-of-Life 0-Day Exploits: EMET, DEP, Attack Surface Reduction and more Windows Security
Commissioned 5/20/2014 Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps with WSUS Windows Security
Commissioned 5/15/2014 Getting Control of Linux/Unix with Sudo and AD Integration Active Directory
Commissioned 5/13/2014 Using Regex to Find Sensitive Data on Your Network Windows Security
Commissioned 4/22/2014 7 Steps to Implementing Information Owners Over Unstructured Data Windows Security
Commissioned 4/8/2014 Windows 2003 End of Life: Top 8 Reasons to Start Planning NOW Windows Security
Security Log Secrets 3/27/2014 5 Real World Scenarios for Correlating Host and Network Events to Catch Violations and Intrusions Security Log
Commissioned 3/19/2014 Careto: Unmasking a New Level in APT-ware Windows Security
Commissioned 3/18/2014 Eliminating Permanent Privileged Authority: Making the Switch to Just-In-Time Access Windows Security
Security Log Secrets 3/4/2014 Application Security Intelligence: The Next Frontier in Security Analytics - Bridge the Gap between Applications and SIEM SharePoint
Commissioned 2/20/2014 Preparing for the Inevitable: How to Limit the Damage from a Data Breach by Planning Ahead Windows Security
Commissioned 2/18/2014 Data and Access Governance: Top 6 Areas to Make Sure Are Covered Windows Security
Commissioned 2/13/2014 2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and the Cloud Windows Security
Security Log Secrets 2/11/2014 Top 10 Security Changes to Monitor in the Windows Security Log Security Log
Commissioned 1/30/2014 How to Extend Secure SharePoint Access to Consultants, Customers, Vendors and Business Partners SharePoint
Commissioned 1/23/2014 Stopping APTs with One-Time Passwords Windows Security
Security Log Secrets 1/21/2014 Analyzing Logon Failures in the Windows Security Log Security Log
Commissioned 1/9/2014 Getting Unstructured Data Under Control for Security and Compliance Active Directory
Commissioned 11/7/2013 Adobe Hacked Again: What Does It Mean for You? Workstation Security
Commissioned 10/30/2013 Support for Windows XP is Shutting Down for Good: Stay Secure Beyond the End of Life Workstation Security
Security Log Secrets 10/10/2013 Daily Security Log Check for the SMB IT Admin Security Log
Commissioned 9/19/2013 Real World Defense Strategies for Targeted Endpoint Threats Workstation Security
Commissioned 9/18/2013 Bridging the Gap between Network and Endpoint Security Workstation Security
Commissioned 7/18/2013 Java Insecurity: How to Deal with the Constant Vulnerabilities Workstation Security
Security Log Secrets 6/25/2013 Tracking an End-User’s Activities through the Windows Security Log and Other Audit Logs Security Log
Commissioned 6/19/2013 Implementing ADFS for Single-Sign On to Office 365: Must It Be So Complex? Active Directory
Security Log Secrets 6/18/2013 Top 6 Security Events to Monitor in SQL Server SQL Server
Commissioned 6/12/2013 APT Confidential: 14 Lessons Learned from Real Attacks Windows Security
Commissioned 5/16/2013 Protecting Local Admin Authority on Windows Servers Windows Security
Security Log Secrets 5/9/2013 Detecting Non-Owner Mailbox Access with Exchange Mailbox Auditing Exchange
Security Log Secrets 4/18/2013 Windows Server 2012 Auditing Deep Dive: Claims, Dynamic Access Control, Centralized Permissions Security Log
Commissioned 4/16/2013 Reflective Memory Attacks Deep Dive: How They Work; Why They’re Hard to Detect Windows Security
Commissioned 3/5/2013 Top 9 Mistakes of APT Victims: What They Are and What You Can Do To Prevent Them Workstation Security
Commissioned 2/20/2013 Bit by Bit Analysis of a Java Zero Day Exploit: Methods and Lessons Learned Windows Security
Commissioned 1/29/2013 WSUS for Secure Patching: Top Tips, Tricks and Scripts for Overcoming Limitations and Challenges Workstation Security
Commissioned 1/24/2013 Office 365 Security: Leveraging Active Directory and Integrating with Other Clouds Windows Security
Security Log Secrets 1/15/2013 File Access Auditing in Windows Server 2012 Security Log
Security Log Secrets 1/9/2013 My Rosetta Audit Logging Kits for ArcSight are Here Security Log
Commissioned 12/11/2012 Will the Collision of Cloud and BYOD Destroy Everything You’ve Worked for In Active Directory? Active Directory
Commissioned 12/4/2012 Keeping Bot Herders off Your Servers and Breaking the Lateral Kill Chain of Today’s Attackers Windows Security
Security Log Secrets 11/29/2012 Linking Logon to Logoff and Everything in Between with the Windows Security Log Security Log
Commissioned 11/14/2012 Windows 8 Is Coming to a BYOD Near You: Are the New Security Features Enough? Workstation Security
Commissioned 10/3/2012 Code Signing Debacle 2.0: A Hacked Adobe Server and Its Impact on Us All Windows Security
Commissioned 9/28/2012 UNIX/Linux/Mac Integration with Active Directory: Understanding the 5 Possible End States Active Directory
Commissioned 9/27/2012 Using Logs to Deal With the Realities of Mobile Device Security and BYOD Exchange
Commissioned 9/18/2012 Stopping the Adobe, Apple and Java Software Updater Insanity Workstation Security
Commissioned 7/24/2012 Dousing the Flame: How This Tom Clancy-Esque Attack Worked and What Should You Really Do to Protect Against It Workstation Security
Security Log Secrets 5/15/2012 Understanding Exchange 2010 Audit Logging Exchange
Commissioned 5/1/2012 Endpoint Security Compliance: Top 11 Questions Auditors Ask Compliance
Security Log Secrets 4/25/2012 Auditing SharePoint Activity for Compliance and Security SharePoint
Commissioned 3/21/2012 Beyond Compliance: Combating Threats with Workstation Configuration Management Workstation Security
Commissioned 2/23/2012 Implementing Virtual Security Cameras to Protect Privileged Access and Enforce Accountability Security Log
Commissioned 1/31/2012 BitLocker Drive Encryption: How it Works and How it Compares Windows Security
Commissioned 11/15/2011 Securing Sensitive Content in SharePoint Sites: What You Need to Know Now SharePoint
Security Log Secrets 11/3/2011 Top 6 Security Events You Only Detect by Monitoring Workstation Security Logs Security Log
Commissioned 11/1/2011 Practical Steps For Integrating and Managing Endpoint Security Windows Security
Security Log Secrets 8/24/2011 Understanding Logon Events in the Windows Security Log Security Log
Security Log Secrets 8/4/2011 Top 10 VMware Security Events You Should Be Monitoring Security Log
Commissioned 8/3/2011 Windows 7 AppLocker: Understanding its Capabilities and Limitations Windows Security
IT Audit 7/27/2011 Active Directory for IT Auditors: Where Does Group Policy Fit In? Active Directory
IT Audit 6/16/2011 Active Directory for IT Auditors: Understanding Domain Controller Security Issues Active Directory
Security Log Secrets 5/18/2011 Monitoring Access to Confidential Information in SharePoint SharePoint
Commissioned 5/12/2011 Using Intelligent Whitelisting to Effectively and Efficiently Combat Today’s Endpoint Malware Windows Security
Commissioned 4/28/2011 SharePoint: What's Going on Behind the Curtain? SharePoint
Commissioned 4/14/2011 Beyond Auditing: How to Implement Preventive Controls over Powerful Users with Privileged Account Management Active Directory
IT Audit 4/13/2011 Active Directory for IT Auditors: Documenting and Analyzing User Accounts Active Directory
Commissioned 3/23/2011 Implement Best Practice, Compliant Log Management and Monitoring with Your Existing Log Management/SEM Solution Security Log
Commissioned 3/18/2011 Downsizing Domain Admins: How to Delegate 9 Common Admin Tasks Active Directory
Security Log Secrets 3/16/2011 Managing Access Control in SharePoint 2010 SharePoint
IT Audit 3/2/2011 Active Directory for IT Auditors: What Changes between Windows 2003 and 2008? Active Directory
Commissioned 2/3/2011 Endpoint Device Control in Windows 7 and Beyond Windows Security
Security Log Secrets 12/2/2010 5 Real World Ways to Use Anomaly Detection with Security Logs Security Log
Security Log Secrets 11/11/2010 Auditing IIS with the Windows Security Log Security Log
Commissioned 10/26/2010 Beyond Windows Patching: Dealing with the New Imperative to Patch Adobe, Apple, Linux and More Windows Security
Security Log Secrets 10/14/2010 Building a Security Dashboard for Your Senior Executives Security Log
Security Log Secrets 6/30/2010 Taming SharePoint Audit Logs with LOGbinder SP and EventTracker SharePoint
Security Log Secrets 6/23/2010 Top 5 Daily Reports for Monitoring Windows Servers Security Log
Commissioned 6/17/2010 Finding Dormant User Accounts in Active Directory Windows Security
Commissioned 5/26/2010 Getting Out of the Way of Green Initiatives: Power Management Joins Patch Management Windows Security
Security Log Secrets 5/6/2010 Configuring Windows Audit Policy to Minimize Noise: Provide Compliance, Support Forensics and Detect Intrusions Active Directory
Security Log Secrets 3/4/2010 Security Log Exposed: Auditing Changes, Deletions and Creations in Active Directory Security Log
Security Log Secrets 2/4/2010 Insider Gone Bad: Tracking Their Steps and Building Your Case with the Security Log Security Log
Commissioned 12/10/2009 Endpoint Security's Unseen Risk: Users with Admin Authority Workstation Security
Security Log Secrets 11/17/2009 11 Ways to Detect System Intrusions with the Security Log Security Log
Security Log Secrets 10/27/2009 Audit Collection Services: Ready for Prime Time? Audit Collection Services (ACS)
Security Log Secrets 10/1/2009 Security Log Exposed: What is the Difference Between “Account Logon” and “Logon/Logoff” Events? Security Log
Security Log Secrets 9/30/2009 Monitoring Active Directory for Security and Compliance: How Far Does the Native Audit Log Take You? Active Directory
Commissioned 9/24/2009 Exploring the SharePoint Audit Log SharePoint
Commissioned 9/16/2009 Top 5 Misconceptions about Endpoint Data Security Workstation Security
Commissioned 8/18/2009 Top 5 Goals for Effectively Using Log Management Security Log
Commissioned 8/13/2009 Using Active Directory’s Delegation of Control and Auditing to Streamline Security and Access Management Active Directory
Security Log Secrets 7/23/2009 Using Windows Server 2008's New Log Management Features: Archival, Forwarding, Views and Triggers Security Log
Commissioned 7/15/2009 Integrating Unix/Linux Identity and Authentication into Active Directory Active Directory
Commissioned 6/23/2009 Root Access: Protecting and Ensuring Accountability in Unix and Linux Compliance
Commissioned 6/16/2009 Quantifying the Cost of Log Management: Making a Good Decision Security and Business-wise Security Log
Commissioned 5/21/2009 Strong Authentication on a Budget: Leveraging Industry Standards and your Existing Technology Investments Windows Security
Security Log Secrets 5/14/2009 Top 9 Ways to Detect Insider Abuse with the Security Log Security Log
Commissioned 5/13/2009 Addressing the 8 Worst Areas for Risk and Cost in Active Directory Identity Management Active Directory
Security Log Secrets 3/19/2009 Leveraging the XP and Vista Security Logs to Ensure Workstation Security and Compliance Security Log
Commissioned 2/5/2009 SharePoint Security: Managing, Auditing, and Monitoring SharePoint
Security Log Secrets 1/20/2009 Anatomy of a Hack: Tracking an Intruder with Security Logs Security Log
IT Audit 12/10/2008 Active Directory: Answering Who Has Access to What? Active Directory
IT Audit 11/13/2008 Assessing the Risk of Trust Relationships in Active Directory Active Directory
Security Log Secrets 10/29/2008 Auditing File Access with the Windows Server 2008 Security Log: The Good, Bad and Ugly Security Log
Commissioned 10/18/2008 Eliminating Admin Rights on Workstations and Laptops: Avoiding the Pitfalls and Making it Work in the Real World Workstation Security
IT Audit 10/1/2008 Understanding Active Directory Structure and How It Makes Auditing AD Different Active Directory
Security Log Secrets 9/25/2008 Auditing Unauthorized, Unrecognized Software Security Log
IT Audit 9/4/2008 Active Directory Audit: Factoring in Integration with Other Applications, Databases and Platforms Active Directory
IT Audit 8/7/2008 Auditing the Windows/Active Directory Environment Active Directory
Security Log Secrets 7/24/2008 Top 12 Security Events To Monitor on Member Servers Security Log
Security Log Secrets 6/19/2008 Understanding Authentication Events in the Windows 2003 and 2008 Security Logs Security Log
Security Log Secrets 5/20/2008 Monitoring Access Changes with the Windows 2008 and 2003 Security Logs Security Log
Security Log Secrets 4/24/2008 Advanced Security Log Monitoring through Multi-Event Correlation Security Log
Commissioned 2/28/2008 Vista's User Account Control and Beyond Workstation Security
Security Log Secrets 12/20/2007 Auditing Program Execution with the Security Log Security Log



Additional Resources