How to Write Sysmon Rules: Getting Fancy(Bear) With Sysmon to Find APT Level Cyber Security Threats

Search …

Services
Products
- Insane Forensics Platform
Company
Resources
- Blog
- Tech Talk Tuesday
Login

Your cart is currently empty!

Book A Call

Search …

Services
Products
- Insane Forensics Platform
Company
Resources
- Blog
- Tech Talk Tuesday
Login

Tech Talk Tuesday / Leave a Comment / 1 minute of reading

How to Write Sysmon Rules: Getting Fancy(Bear) With Sysmon to Find APT Level Cyber Security Threats

Description

Last week we explored how to get started with Sysmon to strengthen your cybersecurity defenses. This week we dive deeper into Sysmon rules and explore how we can use Sysmon to find FancyBear (APT28) during your threat hunting, digital forensics, and incident response engagements.

Post navigation

← Previous Post

PutDownYourDukes_HuntingForHackingGroups

Put Down Your Dukes: Hunting For Hacking Group APT 29/APT 37/APT 40’s Covert Data Exfiltration

Tech Talk Tuesday

Threat Hunting for No-Key-Theft-Required Attacks in Trusted Binaries [MITRE ATT&CK T1553.002]

Tech Talk Tuesday

UsingMITRE-ATTACK-ForEnterpriseAndATT_CK-ForICS-InIndustrialEnvironmentspng

Using MITRE ATT&CK for Enterprise and ATT&CK for ICS in Industrial Environments (ft Ron Fabela)

Tech Talk Tuesday

Leave a Comment Cancel Reply

Your email address will not be published. Required fields are marked *

Type here..

Name*

Email*

Website

Save my name, email, and website in this browser for the next time I comment.

How To Use FTK Imager To Take Disk And Memory Images For Free
IR Plan, Policy & Procedures Part 3: How To Write a Cybersecurity Incident Response Procedures
IR Plan, Policy & Procedures Part 2: How To Write a Cybersecurity Incident Response Policy

Be Notified of Future Posts

Share This Post

Contact Us
Blog
Store
My account

Scroll to Top

How to Write Sysmon Rules: Getting Fancy(Bear) With Sysmon to Find APT Level Cyber Security Threats

Description

Related Posts

Leave a Comment Cancel Reply