Anatomy of an Insider Threat: A Randy Franklin Smith On-demand Webcast

Last week, almost 1,400 of your peers registered for a demonstration of an inside data breach, and now you can watch it, too!

A recent Gartner report states that organizations have put a lot of resources into preventing breaches, but that they should now shift their focus to quickly detecting and stopping breaches in action.

In this Randy Franklin Webcast, Randy shares how to use native tools to track down who accessed and divulged confidential documents stored on file servers. You’ll also see how Quest's InTrust shows you how to correlate different types of events, including authentication events and group membership changes from domain controllers, file access and share-level access events from file servers and program execution events from workstations. 

After compiling this data, you can answer probing questions, such as

  • Who accessed the file?
  • When did they do it?
  • Which computer did they use?
  • What program did they use?
  • How did they get permission to the file?

Randy Franklin Smith leads this insightful discussion. Additionally, Alexey Korotich shows how Quest’s new version of InTrust eliminates cryptic Windows auditing, joins event logs with Active Directory and Windows configuration data and performs sophisticated forensic queries from a simple "Google search" interface.  

It’s a can’t-miss webcast for sleuths trying to solve data breach cases quickly and accurately.