Among the countless changes in Windows 10, Microsoft has provided IT organizations more visibility into auditable actions on Windows 10 machines and the resulting events in the Security Log. Understanding these enhancements is important because we need every edge we can get to detect endpoint intrusions.
Microsoft has added specific auditing and logging events in an effort to empower IT organizations to determine when potential threat actions are being performed.
Download this whitepaper to:
- Learn new and updated event entries in Windows 10
- Educate yourself on specific changes
- Learn how to leverage new events to identify malicious activity