Sysmon, a component of Microsoft’s Sysinternals software package, provides a treasure trove of information for Windows logs — but first, you need to know how to tap into it.
Sysmon enriches Windows logs beyond what Windows Event Viewer can provide, adding a higher level of monitoring for events like process creation, network connections, file system changes, and more, to help detect malicious activity.
Learn how to use this free resource to its full potential and get better security coverage across your Windows environment.
In this webinar, you’ll learn:
- 5 security wins you’ll experience with Sysmon
- How to set up and get started with Sysmon
- Why pairing a SIEM with Sysmon will give you the best results
This interactive, conversational-style session encourages questions and engagement with viewers – so sign up today for access to our security experts.
Participants
Amanda Berlin, Lead Incident Detection Engineer at Blumira
Amanda Berlin is Lead Incident Detection Engineer at Blumira, where she leads the development of new detections for the Blumira platform, based on threat intelligence and research.
An accomplished author, speaker, and podcaster, Amanda is known for her ability to communicate complex technical concepts in a way that is accessible and engaging for audiences of all backgrounds. She co-authored an O’Reilly Media book Defensive Security Handbook: Best Practices for Securing Infrastructure, a comprehensive guide for starting an infosec program from the ground up. She is also co-host of Brakeing Down Security, a podcast about the world of cybersecurity, privacy, compliance, and regulatory issues that arise in today’s workplace.
Amanda is the CEO and co-founder of Mental Health Hackers, a non-profit organization that aims to raise awareness about mental health issues in the cybersecurity community.
Amanda is on Twitter as @InfoSystir, where she can be found cracking jokes, posting selfies, and expressing her love for hedgehogs.
Carlos Perez, Team Lead, Research at TrustedSec
Carlos Perez has been active in the security community since 1999, working for the Government of Puerto Rico helping secure networks and performing internal pentests. He later joined Compaq/HP, where he worked as a Senior Solution Architect for the Security and Networking consulting practices covering 33 countries in Central America, South America, and the Caribbean, helping customers design and implement security solutions that met their business needs in a secure way. Carlos also worked as the Director of Reverse Engineering at Tenable, Inc., where he was in charge of all remote code execution checks and finding zero-day vulnerabilities on products tested.
Erica Mixon
Erica is an award-winning writer, editor and journalist with over ten years of experience in the digital publishing industry. She holds a Bachelor’s degree in writing, literature and publishing from Emerson College. Her foray into technology began at TechTarget, where she provided editorial coverage on a wide variety...