Active Directory Security Event Analysis using LogonTracer

LogonTracer associates a host name (or an IP address) and account name found in logon-related events and displays it as a graph and it is…

Critical Log Review Checklist for Security Incidents

This is a checklist for reviewing critical logs when responding to a security incident. It can also be used for routine log review. General Approach…