Security hardening

Related Products
Log360

Comprehensive SIEM and UEBA
Download | Demo
AD360

Integrated Identity & Access Management
Download | Demo
ADManager Plus

Active Directory Management & Reporting
Download | Demo
ADAudit Plus

Real-time Active Directory Auditing and UBA
Download | Demo
ADSelfService Plus

Self-Service Password Management
Download | Demo
Exchange Reporter Plus

Exchange Server Auditing & Reporting
Download | Demo

Security hardening

EventLog Analyzer provides numerous security settings to strengthen account security. The Security Hardening feature enables you to configure and manage all these settings in one place.

The dashboard lists the available security settings with a corresponding security score that is calculated based on the importance of the enabled configuration(s).

To manage individual settings, click the option against the target security setting and make the required changes. Once the process is complete, the option will have a green tick next to it, as shown in the image above.

A description for each setting is provided below

Enforce HTTPS* - Enabling this setting helps establish a secure connection between the web browsers used to access EventLog Analyzer and the EventLog Analyzer server.

Change Default Admin Password* - Change the default admin password within 30 days of signing up. Choose a unique password that fits the application's complexity requirement.

Enforce Two Factor Authentication* - Add a second layer of security and prevent unauthorized access to EventLog Analyzer.

Receive Alerts for Security Updates* - Configuring this setting allows you to receive email notifications when important security patches are released. This ensures you are kept up-to-date on critical security updates for the product and allows you to implement them on time.

Automatic update for critical security fixes - Automatically install updates for highly critical security issues.

Enable CAPTCHA - Include CAPTCHA as a security measure in the login process to secure the account from brute force attacks. You can choose whether to show CAPTCHA always or only after a certain number of invalid login attempts.

Enable encryption for log archival - Enable flat file encryption to encrypt the log data while archiving.

Block Invalid Login Attempts - Block a particular user from accessing the account after a specific number of failed login attempts.

* - These settings are mandatory for EventLog Analyzer. However, it is recommended to configure all settings to ensure your Product Security Hardening score reaches a 100%.

To ensure that you don't miss configuring any important security settings, EventLog Analyzer sends the following alerts:

Licensed users will receive a popup after every successful login to complete the mandatory security configurations.

Admin accounts will be prompted to change the default admin password.

A security alert will be displayed in the notification center until the security score reaches 100%.

Note: The security settings alerts will also be included under the License tab and will be emailed to you along with product downtime and start-up emails.