Preventing attackers from gaining control of network endpoints is difficult. Your preventative controls might stop such an event, but defense-in-depth best practices recommend a multi-layered security approach to protect your organization. In this webcast, Seth Goldhammer, director of product management at LogRhythm, joins Randy Franklin Smith, Windows Security subject matter expert, to discuss how to detect attackers in various stages of the Cyber Attack Lifecycle. The duo examines Windows and Windows Firewall events including: * 4798—A user's local group membership was enumerated * 4799—A security-enabled local group membership was enumerated * 4627—Group membership information * 6416—A new external device was recognized by the system They also show how LogRhythm’s analytics can recognize progression along the Cyber Attack Lifecycle, while increasing risk scoring with each progression, and how LogRhythm can infer additional context about a user during analysis. Watch now to learn how to take your security operations to the next level.
|¿Le gustaría hacer webinars o eventos online con nosotros?