Name: Monitoring Privileged Accounts with Windows Security Log
Start: 2018-02-28T17:00:00Z
End: 2018-02-28T17:00:48.000Z
Location: BrightTALK
Rating: 4.5

LogRhythm helps security teams stop breaches by turning disconnected data and signals into trustworthy insights. From connecting the dots across diverse log and threat intelligence sources to using sophisticated machine learning that spots suspicious anomalies in network traffic and user behavior, LogRhythm accurately pinpoints cyberthreats and empowers professionals to respond with speed and efficiency. 

With cloud-native and self-hosted deployment flexibility, out-of-the-box integrations, and advisory services, LogRhythm makes it easy to realize value quickly and adapt to an ever-evolving threat landscape. Together, LogRhythm and our customers confidently monitor, detect, investigate, and respond to cyberattacks. Learn more at logrhythm.com

Security teams face the challenges of staying ahead of new and advanced threats. By harnessing the combined power of LogRhythm Axon's analytics and SOC Prime's cutting-edge capabilities, security teams can proactively defend against attacks.

Register for this joint partner webinar to learn how SOC Prime’s solutions for advanced detection engineering and threat hunting, in combination with LogRhythm Axon’s real-time analytics and threat management, help you elevate your defenses at scale.

You’ll learn how to:
-Apply a collective cyber defense approach to elevate detection engineering
-Leverage a tailored rule feed on the latest adversary TTPs to enable proactive cyber defense
-Improve visibility into cyber threats you anticipate most
-Create high-quality detection code faster and smarter while enhancing visibility into a broader range of threats
-Improve MTTD & MTTR metrics.

Scaling Up Cyber Defense: Best Practices by SOC Prime and LogRhythm

April 2024 marks LogRhythm’s 8th consecutive quarterly release, providing you with advanced intelligence and analytics capabilities to safeguard your environment with confidence. 

Join us for an overview of LogRhythm’s latest quarterly release for LogRhythm Axon, our cloud-native SIEM platform. Product leaders will demo the latest enhancements, including seamless community sharing with new out-of-the-box content and more!

Get guidance on how to apply these enhancements to your team, ask questions, and get real-time answers. We are always continuously improving in your service.

April 2024 Quarterly Launch Webinar - LogRhythm Axon

April 2024 marks LogRhythm’s 8th consecutive quarterly release, providing you with advanced intelligence and analytics capabilities to safeguard your environment with confidence. 

Join us to learn more about LogRhythm’s latest quarterly release for LogRhythm SIEM, our self-hosted SIEM platform. Product leaders will demo the latest enhancements aimed to improve data management and operational efficiency for your security teams.

Get guidance on how to apply these enhancements to your team, ask questions, and get real-time answers. We are always continuously improving in your service.

April 2024 Quarterly Launch - LogRhythm SIEM

We will be discussing how cloud SIEM solutions can enhance the security posture of modern, cloud-focused organisations and take questions from the audience.

In this webinar, they will cover:
-Steps to take to avoid the very real and growing issue of unexpected data charges
-The key considerations if you are planning on moving away from an existing ‘on-prem’ solution
-How excellent understanding of your operational health, your environment, and your essential applications are crucial to a successful roll out
-Resource liberation – the options available to you when it comes to freeing your internal teams from the burdens of constant monitoring and managemen

Cloud SIEM Strategies & New Solutions to Elevate Cybersecurity Posture

In this webinar we will review the NIS2 requirements, identifying which Cybersecurity areas and processes will be impacted. What steps and actions do you need to take? Let discuss on how LogRhythm will massively help you to cover those areas and support customers to achieve NIS2 goals and improve their Cybersecurity posture.

Are you ready for NIS2?

Watch this on-demand webinar to see us embark on a journey through cyber-history, tracing the evolution from innocent viruses to today’s relentless cyberthreats. Discover the pivotal role time plays as adversaries wield it as a weapon, leaving healthcare security defenders struggling to keep pace. 

In times of economic uncertainty, understand how you can help improve the flexibility and responsiveness of healthcare security risk, streamline efficiencies, and increase worker productivity, driving a predictable budget and value on investment.

Accelerating Cybersecurity in Healthcare

The healthcare industry is full of sensitive and private information – lending itself to heightened risk of cyberattacks, more specifically ransomware attacks. In fact, six out of ten healthcare organizations experienced at least one ransomware attack in the last year. 

Rest assured, it’s not all doom and gloom from here on out. Join LogRhythm’s Gabrielle Hempel, Customer Solutions Engineer, and Mikiann McIntosh, Risk & Compliance Engineer, for this on-demand webinar on the intersection of healthcare and ransomware.

You’ll learn:
• Historical and escalating challenges and attacks faced by the healthcare industry 
• How LogRhythm Axon helps healthcare organizations navigate and mitigate ransomware threats 
• Examples from organizations like yours on how they avoided potentially disastrous ransomware attacks

Ransomware Risks in Healthcare: Here’s What You Can Do

While 100% accurately forecasting the future of cybersecurity is but a pipe dream, preparing adequately through well-informed predictions is essential for setting your organization up for success in the new year. 

Join the following panel of LogRhythm executives and engineers for an on-demand webinar on must-know cybersecurity predictions for this year — spanning from top vulnerabilities to be aware of, to what’s to come with generative AI, and more:

• Andrew Hollister, CISO & VP Labs R&D 
• Kevin Kirkwood, Deputy CISO
• Sally Vincent, Senior Threat Research Engineer  
• Gabrielle Hempel, Customer Solutions Engineer

Eight LogRhythm Cybersecurity Predictions for 2024

Secure your environment with the help of LogRhythm Axon & D3 Security! Learn how the integrated solution of LogRhythm Axon and D3 Smart SOAR can streamline your security operations, automate threat detection and response, and offer a centralized view of your security environment.

Intelligent Threat Detection and Response D3 Security and LogRhythm Axon

Découvrez la puissance de LogRhythm Axon, une plateforme SIEM cloud-native conçue pour simplifier vos opérations de sécurité. LogRhythm Axon est une solution SaaS qui aide les analystes de sécurité à se concentrer sur l'essentiel en offrant une visibilité automatisée des environnements afin d'identifier, d'analyser, de signaler et de répondre facilement aux menaces.

LogRhythm Axon: La nouvelle plateforme SIEM cloud avec NeoVad

Learn how you can improve your enterprise’s hybrid IT security posture and enhance your analyst experience with a cloud-native SIEM platform. Discover the power of LogRhythm Axon, a cloud-native SIEM platform designed to simplify your security operations. LogRhythm Axon is a cloud-native SaaS platform that helps security analysts focus on what matters by providing automated visibility into cloud and on-prem environments to easily identify, analyze, and report on potential threats.

Intro to LogRhythm Axon with RedLegg

Join us for an overview of LogRhythm’s latest quarterly release for LogRhythm Axon, our cloud-native SIEM platform. Product leaders will demo the latest enhancements, including:

- New interactive single screen investigation in case management, reducing mean time to respond
- Improvements to Assisted Search feature, increasing analyst productivity
- Additional collector for Microsoft Office 365 Management API, expanding visibility
- Enhancements to Axon Agent management, increasing efficiency for on-prem data collection
- And more!

Get guidance on how to apply these enhancements to your team, ask questions, and get real-time answers. We are always continuously improving in your service.

January 2024 Quarterly Launch - LogRhythm Axon

Join us for an overview of LogRhythm’s latest quarterly release for LogRhythm SIEM, our self-hosted SIEM platform. Product leaders will demo the latest enhancements for:

- New supported log sources and parsing capabilities for more effective data analysis
- Expanded support to onboard additional Beats and Open Collectors from a single location for increased efficiency
- Simplified Windows Event log onboarding and improved analyst workflows when reviewing alarm notifications
- And more!

Get guidance on how to apply these enhancements to your team, ask questions, and get real-time answers. We are always continuously improving in your service.

January 2024 Quarterly Launch - LogRhythm SIEM

Security operations center (SOC) analysts are on the frontline of defending against adversaries who are constantly trying to hack sensitive data and information that could lead to a damaging breach. The success of your security team is critical to properly protect the business.

In this webinar, our featured guest from Forrester, Allie Mellen, and LogRhythm Senior Threat Research Engineer, Sally Vincent, dive into the everyday life of the security analyst.

They guide you through:

• Analyst burnout prevention and protection
• How to enhance the overall analyst experience (AX)
• Tools and technology to improve AX
• How to improve threat detection and response with LogRhythm

Watch this presentation to learn how to optimize your SOC analyst experience to make more accurate and agile decisions that better protect your environment.

The SOC Analyst Experience: Tools and Techniques to Enhance Performance

As cities around the world become increasingly connected and digitalized, smart grids are playing a key role in the sustainable management of energy distribution. However, with this increased connectivity comes the risk of cyberattacks that could have disastrous consequences for power grids and plants. 

In this webinar, Leonardo Hutabarat, Solutions Engineering Director, APJ, LogRhythm, will provide an in-depth overview of the benefits of smart grids in smart cities, as well as the common cyber threats they face. He will also discuss the latest best practices for securing smart grids and explore how a SIEM can help in monitoring and protecting smart grid architectures.

Securing Smart Grids in Smart Cities: Cyber Threats and Countermeasures

Ransomware is a type of malicious software used by cybercriminals to encrypt a user or organization’s digital data to block access until a ransom demand is met. In recent years, ransomware attacks have become more sophisticated and increasingly more common causing significant damage to your organization. With ransomware taking advantage of human, software vulnerability, technology, and network, adopting the right tools and techniques can help strengthen your security posture. 

In this webinar, LogRhythm experts give you a holistic and pragmatic overview of ransomware attacks, detection techniques, mitigation strategies, and prevention.  
 
Watch this webinar to learn about how LogRhythm can help you protect your environment from bad actors and malicious attacks.

Racing Against Ransomware [Episode 4]: How to Detect Attacks

As your committed cybersecurity partner in an ever-evolving threat landscape, we know that offering features that enhance the productivity and onboarding processes for security analysts is as important as ever before. 

This quarter, LogRhythm’s product releases are focused on bringing efficiency to the SOC with seamless integration and bridging the ever-evolving cybersecurity skills gap for overwhelmed security teams. 

Watch this on-demand webinar to learn about LogRhythm's sixth quarterly launch of exciting innovations and advancements to our product suite. Product leadership guides you through what you can expect with this quarter's launch and the steps you can take to apply them to your team.

October 2023 Quarterly Launch

Over the last couple of years, LogRhythm has been working on a ground-breaking SaaS solution to make the life of the SOC analyst easy. Novacoast Education has an exclusive sneak peek at their next release.

Cloud Native Security With Logrhythm Axon and NovaCoast

Hackers have determined a number of ways to harvest privileged account credentials and use them to infiltrate networks. This makes monitoring privileged account usage critical to reducing your organization’s cyber risk.

The good news is that Windows provides event ID 4672, which is logged whenever an account signs in with admin user rights.

Event ID 4672 contains valuable information, such as user name, computer name and privileges, and logon session ID. Administrative users will always have one or more of the rights that trigger event 4672.

In this webinar, Windows Security Expert, Randy Franklin Smith, provides free technical training on detecting compromised accounts and demonstrates how to sift through event 4672 details.

Register now to learn how to use Windows Security Log to monitor privileged access and threat hunt for suspicious logon sessions.

Monitoring Privileged Accounts with Windows Security Log

lateral Movement

Cyber Security

compromised credentials

Windows

Authentication

Threat Detection

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Practicing business intelligence allows your company to transform raw data into sets of insights for targeted business growth. The business intelligence and analytics community on BrightTALK is made up of thousands of data scientists, database administrators, business analysts and other data professionals. Find relevant webinars and videos on business analytics, business intelligence, data analysis and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Business Intelligence and Analytics

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

Welcome to the big data and data management community on BrightTALK. Join thousands of data quality engineers, data scientists, database administrators and other professionals to find more information about the hottest topics affecting your data. Subscribe now to learn about efficiently storing, optimizing a complex infrastructure, developing governing policies, ensuring data quality and analyzing data to make better informed decisions. Join the conversation by watching live and on-demand webinars and take the opportunity to interact with top experts and thought leaders in the field.

Big Data and Data Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Monitoring Privileged Accounts with Windows Security Log

Presented by

About this talk

More from this channel