Getting The Most Out Of Sysmon

Posted on in Presentations

The default logging capabilities from Microsoft are only helpful to a certain extent. This session will discuss how to utilize the Sysinternals tool Sysmon for threat hunting, testing detections and more. The session will explain use cases and look at real examples of Sysmon successfully detecting malicious behavior in the wild.

Amanda Berlin


Lead Incident Detection Engineer, Blumira

Technology Infrastructure & Operations

security analytics SIEM log management endpoint detection visibility & response threat intelligence



Share With Your Community