/
Threat Indicators Generated from Windows Events
Use https://seceonhelp.freshdesk.com/support/login to access updated Knowledge Base Articles, Submit Technical Support Tickets and Review Status of submitted support tickets.
Threat Indicators Generated from Windows Events
- Customer Success & Engineering (Unlicensed)
Last updated: Nov 16, 2018
| S. No | Device Type | Threat Indicators generated |
|---|---|---|
| 1. | Windows OS/Windows AD | Window Defender |
| Host Login Success / Host Login Failure | ||
| Object Access Status | ||
| Account Lockout | ||
| Account Created / Enabled | ||
| Account Deleted / Disabled | ||
| Privilege Change | ||
| Network Logout | ||
| Directory Service Status | ||
| System Time | ||
| Group Policy Object | ||
| Password Change / Reset | ||
| 2. | MSSQL | Login Success |
| Login Failure | ||
| Application | ||
| Object Access Status | ||
| 3. | Windows IIS | Web Exploit |
| 4. | Windows DNS | Suspicious Domain |
| 5. | Windows DHCP | Application |
| 6. | Windows SMTP | Email Info |
| 7. | MS Exchange | Email Info |
, multiple selections available,
Related content
Configuring Windows Events
Configuring Windows Events
Read with this
Enable Windows Events Logs(Audit Policies)
Enable Windows Events Logs(Audit Policies)
Read with this
Event Collection at Windows Collector Server
Event Collection at Windows Collector Server
Read with this
Windows Defender Configuration
Windows Defender Configuration
More like this
Device Configuration: Bitdefender GravityZone via Http Listener
Device Configuration: Bitdefender GravityZone via Http Listener
More like this
From Source Windows Server
From Source Windows Server
Read with this
Seceon Inc. All rights reserved. https://www.seceon.com