The Security Monitoring MP for SCOM from Nathan Gau bundles together lots of different rules and monitors for general security monitoring, keeping in mind that attacks aren’t usually instantaneous (Nathan notes in his blog that, on average, it takes 250 days for an attacker to be found).
As a result, there’s typically a breadcrumb trail of evidence that an organization’s security has vulnerabilities, so this MP focuses on collecting and monitoring these points of evidence.
The MP monitors a broad array of issues and evidence of potential issues, including:
You can download the MP from here, and may also want to listen to an excerpt from one of our Coffee Break webinars (below) which discusses it in more detail.
A huge thanks to Nathan for sharing his work with the community. We highly recommend checking out more of his work; in particular, he’s a goldmine of other useful information on using SCOM in the context of cyber security.
SCOM is an amazingly powerful platform, but it’s the management packs that do all the heavy lifting. Thanks to the extensibility, maturity, and huge install base of SCOM, there are tons of fantastic, freely-available management packs out there, all provided by a vibrant, creative and generous worldwide SCOM community.
But how do you find every single management pack that might be of interest to you?
Do you spend your whole life digging around the internet, looking in every nook and cranny for little-known bloggers who might have put a useful MP out there? And once you’ve found them, how do you make sure that you’ve always got the latest version installed? Not easy, right?
Well, help is at hand in the form of the Community MP Catalog which extends the SCOM console to simplify the discovery and life-cycle management of community MPs, including:
For a more in-depth introduction to the MP, we recommend checking out the recording of the release webinar below.
If you’ve got a handy custom MP that you think would make a great addition to the Community MP Catalog then it’s time for you to get involved! For more details, check out this video to learn all about how you can contribute to this awesome new community project.