Detecting Security Incidents Using Windows Workstation Event Logs

Windows event logs can be an extremely valuable resource to detect security incidents. While many companies collect logs from security devices and critical servers to comply with regulatory requirements, few collect them from their windows workstations; even fewer proactively analyze these logs....

By

Russ Anthony

July 9, 2013

All papers are copyrighted. No re-posting of papers is permitted

Related Content

Cybersecurity and IT Essentials, Cybersecurity Insights

October 24, 2024

The ABCs of Cybersecurity

A glossary of cybersecurity terminology that will help you quickly get up to speed on the industry’s terms and meanings.

Why SANS - Blog - Zero Trust - Best Practices for Securing Your Network with Zero Trust Network Access_340 x 340.jpg

Cybersecurity Insights

August 16, 2024

Best Practices for Securing Your Network with Zero Trust Network Access

Zero Trust Network Access has emerged from the rapidly evolving world of cybersecurity as a critical strategy for protecting networks.

Cybersecurity Insights

December 7, 2020

SANS Zoom Backgrounds

Download our Zoom backgrounds!