If you manage an Active Directory infrastructure, you probably know that you should be monitoring activity or data or something. But what exactly needs to be monitored? Well, as I say in my latest paper, there is no one-size-fits-all prescription for Active Directory monitoring. But, there are five items that carry particular interest. In this paper, I go into detail on each of the five – what needs to be monitored and why.
For many mid-market organizations, these five may cover 80% of security monitoring needs – especially for organizations that are strategic about their use of Active Directory. As the title says, it's strictly limited to Active Directory, so don't look for firewall logs or changes to virus protection files. There's a short excerpt here if you'd like to take a peek.
If you're a security or Identity Management consultant, feel free to contact me directly and I'll be happy to send you a copy.
...The 5 Most Critical Points for Active Directory Security Monitoring