Explore effective logging techniques for quick security wins in this 22-minute conference talk from BSides Cleveland 2018. Learn about password changes after hours, multiple account lockouts, generic accounts, non-existent or disabled accounts, unusual locations, and malicious domains. Gain insights into tools and setup for improved logging practices. Discover how to piece together security puzzles one step at a time with guidance from speaker Celeste Hall.
Overview
Syllabus
Intro
ABOUT CELESTE HALL (That's me!)
TOOLS AND SETUP
PASSWORD CHANGES AFTER HOURS
MULTIPLE ACCOUNT LOCKOUTS
GENERIC ACCOUNTS
ACCOUNTS DON'T EXIST / DISABLED
UNUSUAL LOCATIONS
DIFF ACCOUNTS / SAME LOCATION
MALICIOUS DOMAINS