Auditing Unauthorized, Unrecognized Software

Webinar Registration

In this Security Log Secrets real-training webinar I will show you how you can use the security log to tell you when new software is installed or executed for the first time on workstations or servers.

There's a crucial difference between installation and execution. Malware and hacker tools often don't go through a normal installation process for obvious reasons.

Tracking and responding to new software that shows up on your is important for multiple reasons:
- Information security
- Change control
- Additional layer of defense against malware
- Licensing
- Unauthorized actions by end-users on workstations or admins on servers

Unfortunately the Windows security log does not include specific events for tracking software installation. But with a little imagination, you can still get this information from the log with some creative audit policies and analysis. And that's what I'll share in this webinar.

Of course, there's limits to what the security log can do. For instance, tracking script execution with the security creates a bit of a challenge (though not impossible). So I'm always on the lookout for solutions that fill these gaps. This webinar is made possible by a SEIM solution that includes added functionality for tracking EXEs, DLLs *AND* scripts and I'll briefly walk the sponsor through a demonstration of this functionality.
First Name:   
Last Name:   
Work Email:  
Phone:  
Job Title:  
Organization:  
Country:    
City:  
State:  
Street Address:
Zip :
Industry :
 

Your information will be shared with the sponsor.


 

 

Additional Resources