EventSentry

2002
Chicago, IL, USA
Mar 28, 2019   |  By Ingmar Koecher
Since Active Directory is the foundation of all Windows networks, monitoring Active Directory needs to be part of any comprehensive security strategy. Up to version 3.5, EventSentry utilized Windows auditing and the security event log to provide reports on: User Account Changes, Group Changes and Computer Account Changes.
Jul 31, 2018   |  By Ingmar Koecher
EventSentry v3.5 continues to increase visibility into networks with additional vantage points, making it easier for EventSentry users to reduce their attack surface as well as discover anomalies.
Mar 16, 2018   |  By Ingmar Koecher
Windows supports a code-signing feature called Authenticode, which allows a software publisher to digitally sign executable files (e.g. .exe, .msi, …) so that users can verify their autenticity. The digital signature of a file can be viewed in the file properties in Windows explorer on the “Digital Signature” tab.
Jan 30, 2018   |  By Ingmar Koecher
In part one I provided a high level overview of PowerShell and the potential risk it poses to networks. Of course we can only mitigate some PowerShell attacks if we have a trace, so going forward I am assuming that you followed part 1 of this series and enabled: Module Logging, Script Block Logging, Security Process Tracking (4688/4689)
Jan 29, 2018   |  By Ingmar Koecher
Imagine someone getting the seemingly innocent ability to run a couple of commands on a machine on your network WITHOUT installing any new software, but those commands resulting in a reverse shell running on that same machine – giving the intruder a convenient outpost in your network. Now stretch your imagination even further and pretend that all of this happens without leaving any unusual traces in logs – leaving you completely in the dark.
Jul 3, 2018   |  By EventSentry
Justifying the purchase and implementation of a system monitoring solution can be difficult, since IT department software purchases are faced with more scrutiny than ever in today’s extremely competitive marketplace.
Jul 3, 2018   |  By EventSentry
This guide gives you a quick, architectural overview of EventSentry to get you started using the product. Browse or search the documentation for detailed product information.
Jul 3, 2018   |  By EventSentry
Once you are familar with the basic concept of EventSentry we recommend that you take a look at the best practices. It contains useful tips & tricks and configuration examples to help you get the most out of EventSentry with the least amount of administration.
May 8, 2019   |  By NETIKUS.NET LTD
EventSentry v4.0 installation from start to finish.
Apr 8, 2019   |  By NETIKUS.NET LTD
EventSentry's ADMonitor natively monitors Active Directory™ to detect all object changes down to the attribute with before and after values. ADMonitor also captures group policy changes and includes a complete user inventory to quickly identify at-risk user accounts.
Nov 2, 2018   |  By NETIKUS.NET LTD
Put netstat on steroids and reduce your attack surface by revealing all processes on your network that are listening for incoming TCP connections. EventSentry can also alert when a new process is listening for incoming connections, or when critical processes are not running.
Sep 21, 2018   |  By NETIKUS.NET LTD
Explains how to exclude email alerts in EventSentry using Outlook, the built-in event viewer, or manually.
Jun 24, 2018   |  By NETIKUS.NET LTD
3 reasons why our fping utility is better than the Windows built-in ping utility.