Correlating Network and Host Activity for Full Traffic Attribution

Monitoring your network traffic can help you detect the first signs of misuse or a potential intrusion. But the identity of the user and program behind a potential issue may still be a mystery. To uncover those details and get the full picture, you need to look at host logs.

In this on-demand webinar, Liam Mayron, a senior technical product manager at LogRhythm, joins Randy Franklin Smith, a Ultimate Windows Security expert, to discuss network monitoring and analysis and how network traffic alarms can help guide you on host attribution.

During the webinar, our speakers discuss:

  • What kind of data you can glean from the network
  • Ways to correlate data to the appropriate Windows system
  • How to determine packet senders and which programs are involved using security log events and sysmon
  • Key network monitoring scenarios to consider for alerts

Watch the on-demand webinar now to learn how host logs can help you dig deeper into your network traffic and reduce your threat risk.