The default logging capabilities from Microsoft are only helpful to a certain extent. This session will discuss how to utilize the Sysinternals tool Sysmon for threat hunting, testing detections and more. The session will explain use cases and look at real examples of Sysmon successfully detecting malicious behavior in the wild.
Interested? We have you covered! This popular session will also be streamed live in The Session Viewing Point, West Level 2 Room 2004.
Technology Infrastructure & Operations
security analytics SIEM log management endpoint detection visibility & response threat intelligence
Share With Your Community