Security Monitoring–Updating Service Created on DC Rule

Disclaimer: Due to changes in the MSFT corporate blogging policy, I’m moving all of my content to the following location. Please reference all future content from that location. Thanks. One piece of feedback that I’ve seen in regards to security monitoring is noise due to services created on a domain controller. In general, this should…

0

Security Monitoring–Updating Scheduled Task Creation Rule

Disclaimer: Due to changes in the MSFT corporate blogging policy, I’m moving all of my content to the following location. Please reference all future content from that location. Thanks. One piece of feedback I’ve gotten is that monitoring the creation of scheduled tasks as well as service creation on domain controllers can get a bit…

0