Thursday, October 25, 2018

Network security monitoring / SIEM

Just had a bit of a breach here at work. Thankfully the attacker seems to have been interrupted and didn’t have enough time to cause any issues (as far as I’ve been able to detect). When going through the logs it seems that someone has potentially gotten access prior to this event as well.

So it would seem I need to keep better track of what’s going on on our network. I googled around a bit and found quite a few different solutions.

We’re a small company with maybe 15-20 computers and a few servers. What solution would you recommend for a company our size? Ideally, I’d like something that can analyze network data from our main Mikrotik router + collect and monitor event logs from all our computers (that part might be off topic for this subreddit; if so, I apologize).


