Posts by Derrick Spooner

Windows Event Logging for Insider Threat Detection

• Blog
Derrick Spooner

In this post, I continue my discussion on potential low-cost solutions to mitigate insider threats for smaller organizations or new insider threat programs. I describe a few simple insider threat use cases that may have been detected using Windows Event logging, and I suggest a low-effort solution for collecting and aggregating logs from Windows hosts....

Navigating the Insider Threat Tool Landscape

• Blog
Derrick Spooner

Mitigating insider threats is a multifaceted challenge that involves the collection and analysis of data to identify threats posed by many different employee types (such as full-time, part-time, or contractors) with authorized access to assets such as people, information, technology, and facilities. The landscape of software and tools designed to aid in this process is almost as wide and varied as the problem itself, which leaves organizations with the challenge of understanding not only the...
