Use https://seceonhelp.freshdesk.com/support/login to access updated Knowledge Base Articles, Submit Technical Support Tickets and Review Status of submitted support tickets.

Threat Indicators Generated from Windows Events

S. NoDevice TypeThreat Indicators generated
 1.
 
 
        
Windows OS/Windows AD


          
Window Defender
Host Login Success / Host Login Failure
Object Access Status
Account Lockout
 Account Created / Enabled
 Account Deleted / Disabled
 Privilege Change
 Network Logout
 Directory Service Status
 System Time
 Group Policy Object
 Password Change / Reset
 2.    MSSQL   Login Success
 Login Failure
 Application
Object Access Status
 3.Windows IIS Web Exploit
 4. Windows DNS    Suspicious Domain
 5. Windows DHCP Application
 6. Windows SMTPEmail Info
 7. MS ExchangeEmail Info

Seceon Inc. All rights reserved. https://www.seceon.com