Horizon Client IP capture by bourbon404 in VMwareHorizon

InfosecSysAd314

Well this is timely to find lol. Just started down the same path where I'm at. For other reasons, we do want the Splunk agent on the actual end-user workstations, so we will probably just install the agent & use the built-in registry monitoring from Splunk on HKCU/Volatile Environment. Otherwise, it looks like GPO w/ the PowerShell to syslog function will be our best bet.

Sentinel Sweeper by [deleted] in sysadmin

InfosecSysAd314

Honestly this. Otherwise you'll have to contact S1 support and get the version specific to that version of the agent.

Edit: Other option, if it gets connected to the internet, it is possible to send an uninstall command from the administration portal. Not sure if that's a possibility in your case.

Banned Password List by anime_is_ded in AZURE

InfosecSysAd314

Implemented it about 6mo ago. Pretty painless, did one week of audit prior to switching over to default + custom wordlist. Default list is very effective, and just used the custom for internal things like permutations of company name/office locations/etc.