How to get started with Microsoft Sysinternals’ Sysmon advanced event logging


Microsoft Sysinternals’ Sysmon tool is a free tool that provides amazing enhancement of system activity to enrich threat hunting, digital forensics, incident response, and an organization’s security posture. In this edition of #techtalktuesday, we overview Sysmon fundamentals, cover how to get started with Symon, what the default configuration looks like, and the basics of writing Sysmon rules tailed to your environment.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top