Building security auditing solutions for compliance and forensic analysis

This session demonstrates how the new claims based access control capabilities in Windows 8 significantly enhances the security audit and analysis capabilities for compliance and business forensic analysis. In this session, we will describe the new expression-based auditing policies that can be deployed centrally as well as locally, and will demo how monitoring products use these security events for compliance reporting and triggering alerts for suspected activity. In addition, we will describe the full set of auditing scenarios around claims-based access control to demonstrate end-to-end event-driven reporting capabilities for both compliance and day-to-day security management.