I was wondering if someone could help me to better inderstand the following alert.
I have an alert of successfully accessed for the first time using ntlmssp. The log of the alert states that the “service” was used: “ntlmssp” with event code 4624. I’ve done some research online and I still can’t figure out what was the user’s action to generate this alert. I wanted to better understand what ntlmssp is and what was the user’s action to generate this alert.