About Blogs Community Guide Deploy Sysmon ELK General Gravwell Graylog Microsoft System Center Presentations RSA Netwitness Splunk Sysmon Configuration Files Sysmon Github Projects Utilities

Presentations

Nov 29, 2023

Presentations

Advanced Incident Detection and Threat Hunting using Sysmon (and Splunk) – 2018 - Tom Ueltschi
How to Go from Responding to Hunting with Sysinternals Sysmon - Mark Russinovich
Tracking Hackers on Your Network with Sysinternals Sysmon - Mark Russinovich
Advanced Incident Detection and Threat Hunting using Sysmon and Splunk Video - Tom Ueltschi
Advanced Incident Detection and Threat Hunting using Sysmon and Splunk Slides - Tom Ueltschi
Splunking the Endpoint - James Brodsky
Splunking the Endpoint: “Hands on!” Ransomware Edition - James Brodsky & Dimitri McKay

Sysmon-DFIR

Sysmon-DFIR

MHaggis
M_Haggis

A curated and bespoke list of resources for learning about deploying, managing and hunting with Microsoft Sysmon. Contains presentations, deployment methods, configuration file examples, blogs and additional GitHub repositories.