check before: 2023-10-25
Product:
Windows, Windows Server
Platform:
World tenant
Status:
Change type:
Admin impact
Links:
Details:
Whether you're in cybersecurity, IT, performance, or software development, improved resources can help you diagnose cybersecurity threats. While you could previously use Event Tracing for Windows for limited audit functions, nine events have recently been improved for better insight. Specifically, several security-related events now show Process ID and Process Start Key in the event schema, allowing you to confirm the causal process of these events. We've also increased the event version as events are updated over time, following the application compatibility policy.
When will this happen:
These improvements are already available on all Windows versions.
Release Phase:
Created:
2023-10-12
updated:
2024-08-10
Direct effects for Operations**
- Direct Impact on IT Operations
  - Enhanced Security Monitoring
    - Improved event logging capabilities will allow for better tracking of security-related activities.
    - Role Impacted: Security Analysts, IT Operations Teams
  - Increased Resource Utilization
    - The need for additional resources to analyze the increased volume of detailed logs may strain existing IT infrastructure.
    - Role Impacted: IT Administrators, System Engineers
- Direct Impact on IT Services
  - Changes in Event Viewer Functionality
    - The Event Viewer will now display more detailed information, which may require training for users to effectively utilize the new features.
    - Role Impacted: IT Support Staff, End Users
  - Dependency on Other Security Tools
    - Integration with existing security tools may require updates or adjustments to ensure compatibility with the new event schema.
    - Role Impacted: IT Security Teams, Application Developers
References:
- Microsoft Documentation on Event Tracing for Windows: [Event Tracing - Win32 apps](https://learn.microsoft.com/windows/win32/api/_etw/)
- Tech Community Blog on New Security Capabilities: [New security capabilities of Event Tracing for Windows](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/new-security-capabilities-of-event-tracing-for-windows/ba-p/3949941)
** AI generated content. This information must be reviewed before use.