How to Write Sysmon Rules: Getting Fancy(Bear) With Sysmon to Find APT Level Cyber Security Threats


Last week we explored how to get started with Sysmon to strengthen your cybersecurity defenses. This week we dive deeper into Sysmon rules and explore how we can use Sysmon to find FancyBear (APT28) during your threat hunting, digital forensics, and incident response engagements.
