Logon Tracker is an HX Innovation Architecture module designed to enable the investigation of lateral movement within Windows enterprise environments. Logon Tracker improves the efficiency of investigating lateral movement by aggregating historical activity and monitoring new activity. This data is presented in a user interface designed for analyzing investigative leads (e.g., a compromised account) and hunting for suspicious activity (e.g., RDP activity by privileged accounts).
This technical preview release of Logon Tracker is supported on Endpoint Security 5.0 with xAgent 31.
As this is a tech preview module, the usual support SLAs don’t apply to the module. You can also provide feedback to the module team through the email listed below.
|Resources:||Logon Tracker v0.3.1 User Guide|
|FireEye Endpoint Security|
|Last Updated:||May 15, 2020|
|Requirements:||FireEye Endpoint Security 5.0 with xAgent 31+|