Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Technical Note

Creating Centralized Reporting for Microsoft Host Protection Technologies: The Enhanced Mitigation Experience Toolkit (EMET)

  • August 2016
  • By Craig Lewis, Joseph Tammariello
  • This report describes how to set up a centralized reporting console for the Windows Enhanced Mitigation Experience Toolkit.
  • Publisher: Software Engineering Institute
    CMU/SEI Report Number: CMU/SEI-2016-TN-007
  • Abstract

    Host protection strategies, such as enabling anti-exploitation features, can be effective in protecting Windows endpoints from compromise. Microsoft offers a tool to assist in this area and is provided at no cost. The Enhanced Mitigation Experience Toolkit (EMET) is a utility that helps to prevent the exploitation of software vulnerabilities.

    EMET can be effective in safeguarding organizations from compromise by malicious actors. The configuration of EMET can be controlled centrally by enterprise system administrators using Group Policy. While centralized management capability is built into the tool, centralized reporting capabilities are not, creating a challenge when it comes to real-time situational awareness, metrics gathering, troubleshooting, and reporting. This report presents methods by which systems administrators and/or information security personnel can create a centralized reporting console using native Windows capabilities and the Splunk machine data analysis engine.

  • Download

Cite This Report

SEI

Lewis, Craig; & Tammariello, Joseph. Creating Centralized Reporting for Microsoft Host Protection Technologies: The Enhanced Mitigation Experience Toolkit (EMET). CMU/SEI-2016-TN-007. Software Engineering Institute, Carnegie Mellon University. 2016. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=466177

IEEE

Lewis. Craig, and Tammariello. Joseph, "Creating Centralized Reporting for Microsoft Host Protection Technologies: The Enhanced Mitigation Experience Toolkit (EMET)," Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania, Technical Note CMU/SEI-2016-TN-007, 2016. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=466177

APA

Lewis, Craig., & Tammariello, Joseph. (2016). Creating Centralized Reporting for Microsoft Host Protection Technologies: The Enhanced Mitigation Experience Toolkit (EMET) (CMU/SEI-2016-TN-007). Retrieved December 11, 2018, from the Software Engineering Institute, Carnegie Mellon University website: http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=466177

CHI

Craig Lewis, & Joseph Tammariello. Creating Centralized Reporting for Microsoft Host Protection Technologies: The Enhanced Mitigation Experience Toolkit (EMET) (CMU/SEI-2016-TN-007). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2016. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=466177

MLA

Lewis, Craig., & Tammariello, Joseph. 2016. Creating Centralized Reporting for Microsoft Host Protection Technologies: The Enhanced Mitigation Experience Toolkit (EMET) (Technical Report CMU/SEI-2016-TN-007). Pittsburgh: Software Engineering Institute, Carnegie Mellon University. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=466177

BibTex

@techreport{LewisCreatingCentralized2016,
title={Creating Centralized Reporting for Microsoft Host Protection Technologies: The Enhanced Mitigation Experience Toolkit (EMET)},
author={Craig Lewis and Joseph Tammariello},
year={2016},
number={CMU/SEI-2016-TN-007},
institution={Software Engineering Institute, Carnegie Mellon University},
address={Pittsburgh, PA},
url={http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=466177} }