Threat Detection with Sysmon

By Bryan Macario, Network Security Engineer at Tec-Refresh, Inc. In today’s article, I will discuss an open-source tool that complements Windows Event Logs, called Sysmon. This tool is part of the Windows Sysinternals Suite and was developed by Mark Russinovich. The whole idea of Sysmon is that it further increases the logging capabilities that Windows …
