EventSentry can detect both successful and unsuccessful ZeroLogon attacks by examing various event patterns on domain computers. To use this package: Download the package using the link shown below Open the EventSentry management console Click on Packages Click on Import Select the ZeroLogon package resource 15
EventSentry includes the validation script ThreatIntel: Log4j Remote Code Executionhttps://www.eventsentry.com/validationscripts/guid/a01ac7cab4f444e2badddd7eb11e765d which will scan the local file system of any monitored host and find and report on all vulnerable Log4J instances. Follow the steps below to activate the script and dep...
