Quest InTrust is a very powerful log management framework which also contains a lot of possible ways to notify about triggered alerts:

• Email alerts
• SCOM connector
• Alert Reports in SRS
• Alerts in SQL DB 
• Web Interface for Alert management - InTrust Monitoring…

In recently released Update 1 for InTrust 11.4.1 there is a hidden gem – Suspicious process was started rule, it allows detection of hidden steps that ransomware and malware would do to achieve persistence, hide their tracks and disable protection…

The cyber-security community is buzzing about this recently unveiled vulnerability in Windows Textservices Framework.

"Project Zero: Down the rabbit hole" https://googleprojectzero.blogspot.com/2019/08/down-rabbit-hole.html by a security researcher…

Hello everyone, InTrust can collect event log information from many different sources (you can reed more in the datasheet), but what is mostly unknown is that it can collect information from custom logs: a text log, windows event log, WMI or log in a…

We just released a new three-minute video that shows how you can monitor, detect and mitigate attacks happening using PowerShell commands.

PowerShell became very popular among penetration testers and hackers recently. Why I know this? Because it's in the…

Ladies and Gentlemen, let me introduce to you a malicious USB cable. You probably met him during your last corporate conference in that nice hotel lobby... I'm kidding of course, or am I?

https://twitter.com/_MG_/status/949684949614907395

I have a…

For those who are unfamiliar with Change Auditor, it is the auditing solution offered by Quest.  The solution offers a wide range of auditing capabilities to help provide a view into what changes are occurring within your environment.  Unfortunately, the…

Intro

One of the most important technologies built into InTrust is a special event repository which reduces costs and efforts required to store and manage huge volume of events. InTrust can reduce storage requirements considerably, 20:1 for indexed data…

Probably everyone in the IT world heard at least something about mimikatz – a PowerShell library for performing targeted attacks in Microsoft Windows infrastructure. There are numerous other PowerShell toolkits developed to help attackers to recon, to…

The Bad Rabbit ransomware cyber attack hit last week in Russia and Eastern Europe, targeting news media companies and some transportation companies such as Airport of Odessa in Ukraine. In a nutshell the tactic that bad guys are using is as old as WannaCry…

Currently 30% of companies in the United States are using the NIST Cybersecurity Framework to manage risks with projections of 50% by the year 2020 (https://iapp.org/news/a/the-future-of-the-nist-cybersecurity-framework/). 

Quest has a broad portfolio…

In reviewing the DFS Cybersecurity regulation Section 500.02, I immediately began thinking of the NIST Framework. Section B has several subsections that map to NIST:

One of the tools that Active Directory administrators have to help mitigate brute force hacking attempts is the account lockout. Typically configured in a Group Policy, the account lockout policy tallies the number of failed authentication attempts for…