In Mr. Robot‘s episode 9 of season 2 (13:53), Angela Moss needs to obtain the Windows domain password of her superior, Joseph Green, in order to download sensitive documents that would potentially incriminate EvilCorp. Since her attack requires physical access to his computer, she starts with a good old-fashioned social engineering attack to get the only currently present employee in the office to leave.

With the proper auditing enabled (Logon/Logoff – Logon (Failure)) and EventSentry installed however, we can permanently block remote users / hosts who attempt to log on too many times with a wrong password. Setting this up is surprisingly simple.

Though re:Invent technically runs for another day, the fourth day is traditionally the final day in terms of large announcements — this certainly rings true for this year as well, with several significant announcements from Amazon and associates.

If business professionals ignore network and system issues, the consequences could be dire. For instance, imagine what might happen if your company suffers a cyberattack, flood or supply chain failure. In this scenario, your critical networks and systems may slow down or stop working. And if you lack an effective business continuity management (BCM) strategy, you risk downtime and outages that could put a significant dent in your business’ bottom line.

As re:Invent continues, so to does the string of announcements promising to change the face of cloud computing. Many of the major announcements today came from Amazon itself — amongst other items, AWS announced two new containerized cloud offerings.

For cloud security managers, re:Invent is almost a Christmas morning of security announcements, new feature sets, and demonstrations designed to convey important lessons gleaned throughout the previous year. re:Invent 2017 is shaping up to be no exception, with a veritable bevy of content to discuss.

Day two of re:Invent has shaped up to be just as interesting as the first, with some very interesting announcements from some rather large hitters. Let’s take a look at today’s announcements in this, the second part of our ongoing re:Invent coverage.

If you’re running Windows 2008 (R2) or 2012 then setting up DNS auditing requires a few steps. Thankfully it’s a one-time process and shouldn’t take more than a few minutes. On the EventSentry side a pre-built package with all the necessary rules is available for download and included with the latest installer.

Continuing our focus on Security Monitoring and after the release of the JavaScript Security Monitoring feature we have released the latest addition to the toolset, Malicious User Detection.

We’re again excited to announce the availability of EventSentry v3.4, the latest release of our hybrid SIEM monitoring suite.