Among the countless changes in Windows 10 Microsoft has provided IT organizations more visibility into auditable actions on Windows 10 machines and the resulting events in the Security Log. Understanding these enhancements is important because we need every edge we can get to detect endpoint intrusions. Threat actors use a sophisticated mix of phishing, social engineering, and malware to attempt to compromise any user within an organization. A seemingly benign order request sent to a salesperson or a benefits summary to someone in HR can contain attachments infected with malware. Once such payloads are in, the goal is to determine how to leverage current users and other accounts on the compromised machine to access valuable and sensitive data, as well as how to spread out within the organization and repeat the process.
DatacenterDynamics is a brand of DCD Group, a global B2B media and publishing company that develops products to help senior professionals in the world's most ICT dependent organizations make risk-based infrastructure and capacity decisions.
Our portfolio of live events, online and print publishing, business intelligence and professional development brands are centred on the complexities of technology convergence. Operating in 42 different countries, we have developed a unique global knowledge and networking platform, which is trusted by over 30,000 ICT, engineering and technology professionals.
Data Centre Dynamics Ltd.
102-108 Clifton Street
London EC2A 4HW