7MS #495: Desperately Seeking a Super SIEM for SMBs - Part 5
7 Minute Security
English - November 17, 2021 21:00 - 39 minutes - 36.3 MB - ★★★★★ - 63 ratings
Today we continue our SIEM/SOC evaluation series with a closer look at one particular managed solution and how it fared (very well) against a very hostile environment: the Light Pentest LITE pentesting course! Spoiler alert: this solution was able to detect:
- RDP from public IPs
- Password spraying
- Kerberoasting
- Mimikatz
- Recon net commands
- Hash dumping
- Hits on a "honey domain admin" account
- Users with non-expiring passwords
- Hits on the SSH/FTP/HTTP honeypot