DEM: Non-Persistent VDI Deployment and Backing Up Windows Event Logs

Overview: Some organizations are required to deploy and use SIEM (Security Information and Event Management) products within their environments. Your InfoSec team may live and die by some type of SIEM within your environment, whether it be IBM QRadar, SolarWinds LEM, Splunk, LogRhythm, or vRealize Log Insight, etc. However, some environments require that you have …

Windows 10 1709 and SMBServerNameHardeningLevel

Recently an old colleague of mine called me from my previous job. During their testing they found that when they went to Windows 10 1709, their configuration baseline tool was unable to scan for compliance on 1709 Windows clients. I worked with him over the weekend to find the root cause of the issue and to submit a …