Read the original article: PROTIP: Policy Registration & Managing StealthINTERCEPT via PowerShell and Editing StealthDEFEND Investigations & Categorizing Playbooks
There are actually four (4) ProTips in this blog (Click below to go to one you want): Multiple Policy Registration in StealthINTERCEPT Managing StealthINTERCEPT via PowerShell Editing StealthDEFEND Investigations the Lazy Way Categorize StealthDEFEND Playbooks to Reduce Clutter Multiple Policy Registration in StealthINTERCEPT The capability has long existed in StealthINTERCEPT to have a single policy with multiple event registrations. There are particular situations when you need to audit certain activity but desire to filter on a couple of very specific…
The post PROTIP: Policy Registration & Managing StealthINTERCEPT via PowerShell and Editing StealthDEFEND Investigations & Categorizing Playbooks appeared first on Insider Threat Security Blog.
Read the original article: PROTIP: Policy Registration & Managing StealthINTERCEPT via PowerShell and Editing StealthDEFEND Investigations & Categorizing Playbooks