The P-Microsoft Windows package offers an easy way to monitor both host and entity related individual incidents. Furthermore, it offers a flexibility to integrate the product's events with either Activate L1 Indicator and Monitoring packages or the existing non-Activate contents for further detection and investigation. This package supports following Use Cases and User Stories:
Please see the Release Notes for changelog details.
New rule resources added
This release contains the following:
1) Verified and Fine-tuned Rules and Filter conditions for efficient event evaluation.
2) Included : 'System Audit Policy was Changed'', "DSRM Account Password Change Attempt", "Custom Special Group Logon Tracking" & "A Directory Service Object Was modified" user stories to this release.
This update includes customization and update packages and minor bug fixes.
MKTP-418 : Updated "User Account Enabled" Filter bug.
Please upgrade to one of the following broswers: Internet Explorer 11 (or greater) or the latest version of Chrome or Firefox