Use https://seceonhelp.freshdesk.com/support/login to access updated Knowledge Base Articles, Submit Technical Support Tickets and Review Status of submitted support tickets.
Threat Indicators Generated from Windows Events
| S. No | Device Type | Threat Indicators generated |
|---|---|---|
| 1. | Windows OS/Windows AD | Window Defender |
| Host Login Success / Host Login Failure | ||
| Object Access Status | ||
| Account Lockout | ||
| Account Created / Enabled | ||
| Account Deleted / Disabled | ||
| Privilege Change | ||
| Network Logout | ||
| Directory Service Status | ||
| System Time | ||
| Group Policy Object | ||
| Password Change / Reset | ||
| 2. | MSSQL | Login Success |
| Login Failure | ||
| Application | ||
| Object Access Status | ||
| 3. | Windows IIS | Web Exploit |
| 4. | Windows DNS | Suspicious Domain |
| 5. | Windows DHCP | Application |
| 6. | Windows SMTP | Email Info |
| 7. | MS Exchange | Email Info |
Seceon Inc. All rights reserved. https://www.seceon.com