Posts tagged: monitoring
4 posts
Practical ISM E01: Guidelines for system monitoring
Learn how to implement comprehensive logging and monitoring policies that meet Australian Government ISM requirements, including control implementation, log management, and security monitoring best practices.
System Monitor (Sysmon)
System Monitor (Sysmon) is a Windows system service and device driver that monitors and logs system activity to the Windows event log, providing detailed information about process creation, network connections, and file changes.
Windows Event ID 4624: Successful Logon Analysis
Windows Event ID 4624 guide: complete analysis of successful logon events, logon types (interactive, network, RDP), and blue team detection techniques for Windows authentication events and security monitoring.
DRAFT: OSQuery
Learn about OSQuery, the open-source operating system instrumentation framework for monitoring and querying system information across multiple platforms.