Querying Windows Event Logs for Faster Investigation and Response

Read the original article: Querying Windows Event Logs for Faster Investigation and Response


With this week’s release on the VMware Carbon Black Cloud, users can now remotely inspect Windows devices’ event logs to pull back information that could be helpful during an investigation or response scenario. This new capability comes as part of an update to the Live Query functionality provided on the platform. Unlike standard EDR search capabilities, which allow administrators to review previously collected data […]

The post Querying Windows Event Logs for Faster Investigation and Response appeared first on VMware Carbon Black.

