NetGain Documentation Hub NetGain Documentation Hub
Home / Modules / SIEM / Log Analytics / Reports / Compliance / CYBER ESSENTIALS

CYBER ESSENTIALS

In <CYBER ESSENTIALS> there are 5 report templates.

Screenshot

 

Boundary firewall and internet gateways:

  • Windows : Firewall Flood Attack
  • Windows : Firewall Internet Protocol half-scan attack
  • Windows : Firewall Ping of Death Attack
  • Windows : Firewall SYN Attack
  • Windows : Firewall Spoof Attack

Malware Protection

  • Windows : Defender Malware Detection
  • Windows : Defender Real Time Protection Detection
  • Windows : DOS Attacks
  • Windows : Downgrade Attacks
  • Windows : Event Logging Service Shutdown
  • Windows : Event Logs Cleared
  • Windows : Exe or DLL File Allowed to Run
  • Windows : Exe or DLL File Not Allowed to Run
  • Windows : Exe or DLL Files Not Allowed to Run due to Enforced rules
  • Windows : IP Conflicts
  • Windows : MSI Script File Allowed to Run
  • Windows : MSI Script Files Not Allowed to Run due to Enforced rules
  • Windows : Removeable Disk Creates
  • Windows : Removeable Disk Deletes
  • Windows : Removeable Disk Failed Creates
  • Windows : Removeable Disk Failed Deletes
  • Windows : Removeable Disk Failed Modifications
  • Windows : Removeable Disk Failed Reads
  • Windows : Removeable Disk Modifications
  • Windows : Removeable Disk Reads
  • Windows : Replay Attack
  • Windows : Security Logs Cleared
  • Windows : Software Installed
  • Windows : Software Restricted to Access Program
  • Windows : Terminal Server Attacks
  • Windows : Threat Detections by Mcafee
  • Windows : Threats Detection by Microsoft Anti-malware
  • Windows : Threats Detection by Norton AntiVirus
  • Windows : Threats Detection by Sophos Anti-Virus
  • Windows : Threats Detections by ESET Endpoint Antivirus
  • Windows : User Account Locked Out Error

Patch Management: Windows : AD Backup Error

  • Windows : Audit Logs Cleared
  • Windows : Error in EventLog Service
  • Windows : Event log automatic backup
  • Windows : Failed hotpatching
  • Windows : Failed software installations
  • Windows : Failed software installations due to privilege mismatches
  • Windows : New Service Install
  • Windows : Service Failed
  • Windows : Service Started
  • Windows : Service Stopped
  • Windows : Software Install
  • Windows : Software Uninstalled
  • Windows : Software Updated
  • Windows : Windows Startup and Windows Shutdown

Secure Configuration:

  • Windows : Audit Policy Changed
  • Windows : Computer Account Created
  • Windows : Computer Account Deleted
  • Windows : Computer Account Modified
  • Windows : Group Created
  • Windows : Group Deleted
  • Windows : Group Modified
  • Windows : Successful Post Authentication
  • Windows : Successful Pre Authentication
  • Windows : Trusted Domain Created
  • Windows : Trusted Domain Deleted
  • Windows : Trusted Domain Modified
  • Windows : UnSuccessful Post Authentication
  • Windows : UnSuccessful Pre Authentication
  • Windows : User Account Created
  • Windows : User Account Deleted
  • Windows : User Account Locked Outs
  • Windows : User Account Modified
  • Windows : User Right Assigned
  • Windows : User Right Removed
  • Windows : Windows Firewall Group Policy Changes
  • Windows : Windows Firewall Rule Added
  • Windows : Windows Firewall Rule Deleted
  • Windows : Windows Firewall Rule Modified
  • Windows : Windows Firewall Setting Changed
  • Windows : Windows Firewall Setting Restored
  • Windows : Windows Individual User Action

User Access Control:

  • Windows : Audit Policy Changed
  • Windows : Successful Post Authentication
  • Windows : Successful Pre Authentication
  • Windows : Trusted Domain Created
  • Windows : Trusted Domain Deleted
  • Windows : trusted Domain Modified
  • Windows : Unsuccessful Post Authentication
  • Windows : Unsuccessful Pre Authentication
  • Windows : User Rights Assigned
  • Windows : User Rights Removed
  • Windows : Windows Individual User Action