EventSentry can detect both successful and unsuccessful ZeroLogon attacks by examing various event patterns on domain computers. To use this package: Download the package using the link shown below Open the EventSentry management console Click on Packages Click on Import Select the ZeroLogon package resource 15

KB-ID 440
Category: Security
Applies to: 4.2.3

EventSentry includes the validation script ThreatIntel: Log4j Remote Code Execution which will scan the local file system of any monitored host and find and report on all vulnerable Log4J instances. Follow the steps below to activate the script and dep...

KB-ID 463
Category: Security
Applies to: 4.2 and later