Morning
Im looking to use lansweeper for alarms / reporting of lateral movement.
Any one got anything on lansweeper reports for privilege escalation (ie event ID's 4672 and 4648)
File monitoring
or anything reporting on sysmon events?
these events im trying to alarm on are very noisey so looking for refinements also
