active directory Archives - Cyber Secure Forum | Forum Events Ltd
White Paper: Maximize Your SIEM with Precise Active Directory Security Details

Guest Post

Filling the Active Directory Security Gaps in Your SIEM

Lateral movement and privilege escalations through Active Directory are the root cause of all breaches. SIEM solutions are not new, and most organizations rely on them to measure the overall security of the network and devices that the SIEM is monitoring. SIEMs can gather log information from computers, firewalls, network devices, printers, and more.

With each device having a different logging format, as well as different levels of events, the SIEM must be configured for each and every device to ensure proper analysis and event gathering. Just looking at Active Directory and domain controllers alone, you’ll find thousands of generated events.

There’s a hacker-shaped hole in your SIEM. Stopping AD compromise begins with weeding out the root causes: lateral movement + privilege escalation. 

Get the Alsid Academy guide by Microsoft MVP Derek Melber at Alsid to help fill the gaps in your SIEM.

Agenda:

  • Where SIEMs succeed (and fail)
  • SIEM customization, correlation, and false positives
  • The risks of agent- and privilege-based solutions

Download the white paper here