Microsoft 11806 Published by

This guide is designed to help organizations plan a security monitoring and attack detection system based on Windows Security Event logs. It highlights how to interpret the events and which events indicate the possibility that an attack is in progress.

The Security Monitoring and Attack Detection Planning Guide