Home / Threat Defense / Threat Management / Sysmon Learning Resources
Sysmon Learning Resources

Sysmon Learning Resources

Pricing: Free
Write a Review Visit Website
Sysmon Learning Resources

What is Sysmon Learning Resources

Aggregates security threats from online sources and outputs to various formats.

A Curated and Bespoke List of Sysmon Learning Resources

This is a carefully selected list of resources that will help you learn about deploying, managing, and hunting with Microsoft Sysmon. It includes presentations, deployment methods, configuration file examples, blogs, and additional GitHub repositories. You can easily explore most of the content at this link: https://mhaggis.github.io/sysmon-dfir/ **Sysmon Learning Resources** **General Community Guide** **TrustedSec** **Sysinternals Sysmon Community Guide** **Utilities** - **SysmonHunter** An easy-to-use ATT&CK-based Sysmon hunting tool. - **SysmonX** An augmented drop-in replacement for Sysmon. - **SysmonTools** - **Nader Shalabi** A tool to parse Sysmon logs. - **Matt Churchill, CrowdStrike** A Sysmon Config Bypass Finder. - **@MartinKorman** Presentations on advanced incident detection and threat hunting using Sysmon (and Splunk) from 2018. - **Tom Ueltschi** A guide on how to transition from responding to hunting with Sysinternals Sysmon. - **Mark Russinovich** A presentation on tracking hackers on your network using Sysinternals Sysmon. - **Mark Russinovich** A video on advanced incident detection and threat hunting using Sysmon and Splunk. - **Tom Ueltschi** Slides on advanced incident detection and threat hunting using Sysmon and Splunk. - **Tom Ueltschi** A session on Splunking the endpoint. - **James Brodsky** A hands-on session on Splunking the endpoint.
 

Sysmon Learning Resources Reviews

Write a Review

No reviews yet. Be the first to review this tool!

Write a Review

Share your experience with Sysmon Learning Resources tool and help others make informed decisions.

Featured Tools

Specops Software
Free
Password Management

Specops Software View Specops Software

Specops Software empowers organizations to fortify their IT security by addressing the critical vulnerability of password management and authentication. As a premier vendor, Specops Software provides advanced solutions designed to proactively block weak passwords, enforce robust authentication protocols, and ensure compliance with stringent industry standards like CJIS and HITRUST. With deep native integration into Active Directory and on-premises data storage, Specops Software offers unparalleled security and control for sensitive business data.

Active Directory password policy auditing against compliance standards
Breached password detection for over 900 million known compromised passwords
Zero-trust access evaluation and enhancement
Infisical
Free
Password Management

Infisical View Infisical

Infisical is the premier open-source platform designed for unified management of secrets, certificates, and configurations across your entire organization. It seamlessly integrates into your development workflows, CI/CD pipelines, and cloud infrastructure, ensuring secure storage and automated injection of sensitive information. Empower your team with robust features like versioning, point-in-time recovery, comprehensive audit logging, and automated secret rotation for enhanced security and operational efficiency.

Open-source secrets management platform
Unified management of secrets, certificates, and configs
Seamless integration with development workflows and CI/CD
Click Studios
Free
Password Management

Click Studios View Click Studios

Click Studios is an Australian-based Agile software development company dedicated to evolving Passwordstate, their robust Enterprise Password Management solution. Continuously refined through customer insights and cybersecurity advancements, Passwordstate offers advanced features for secure sensitive information management and stringent compliance. Click Studios provides scalable, secure, and user-friendly password management solutions, empowering businesses globally with affordable and reliable access control.

Secure Enterprise Password Management
Continuous Feature Enhancement
Customer Feedback Driven Development

Similar Tools

Vectra AI
Free
Threat Management

Vectra AI View Vectra AI

Vectra threat detection & response - see and stop threats across hybrid and multi-cloud enterprises. Vectra uses AI to detect threats early and accurately across hybrid and multi-cloud attack surfaces. The Vectra threat detection & response platform captures packets and logs across your public cloud, SaaS, federated identity and data center networks. It applies patented security-led AI to surface, and prioritize threats and integrates into your security stack for rapid response. The Vectra Platform extracts hundreds of metadata elements from captured data and applies security-led AI to detect attacker methods in every domain. This gets attributed to relevant accounts or hosts to prioritize the entities and provide a unified view of threats across your hybrid and multi-cloud environment.

QFunction
Free
Threat Management

QFunction View QFunction

QFunction revolutionizes cybersecurity by leveraging cutting-edge AI and machine learning to identify anomalies and threats within your existing data. Designed for medium-sized businesses and CISO's, QFunction augments your current security stack, empowering you to proactively hunt for threats by distinguishing unusual patterns rather than relying on pre-defined signatures. This approach reduces noise, enhances threat detection, and enables you to identify and neutralize attacks before they escalate, without the need for additional, disparate security tools.

AI/ML-driven anomaly detection
Augments existing security stack
Proactive threat hunting
PolySwarm
Free
Threat Management

PolySwarm View PolySwarm

PolySwarm is a cutting-edge, crowdsourced threat intelligence marketplace designed to empower organizations with faster, more accurate detection, analysis, and response to emerging cyber threats. By aggregating a diverse network of specialized and general threat detection engines, PolySwarm uncovers previously undetected and rare malware, filling critical gaps in traditional security defenses and providing superior protection against the evolving threat landscape.

Crowdsourced Threat Intelligence Marketplace
Next-Generation Malware Detection
Specialized and Broad Engine Coverage
Pixm
Free
Threat Management

Pixm View Pixm

Pixm revolutionizes phishing defense by employing state-of-the-art computer vision to analyze web pages from a human perspective, effectively identifying deceptive elements that traditional security tools often overlook. This AI-powered solution, designed for everyday users and backed by ManageEngine's commitment to flexible business solutions, provides unparalleled protection against the most prevalent cyber threats.

Computer Vision Analysis
Human-like Visual Scanning
Deceptive Element Detection
Packet Storm
Free
Threat Management

Packet Storm View Packet Storm

Packet Storm is a comprehensive threat intelligence feed dedicated to empowering the information security industry with critical vulnerability data and free tooling. We provide timely and relevant details for seasoned professionals while offering foundational insights into emerging threats and exploitation methods for those new to the field. Our mission is to equip security professionals with the extensive data necessary to make informed decisions for robust domain protection.

Real-time vulnerability data feed
Extensive collection of security advisories
Free security tooling and resources
Mitre ATT&CK
Free
Threat Management

Mitre ATT&CK View Mitre ATT&CK

MITRE ATT&CK™ is a globally recognized, empirically-based knowledge base detailing adversary tactics and techniques observed in real-world cyberattacks. It serves as a foundational framework for developing robust threat models, defensive strategies, and cybersecurity solutions across various sectors, including private industry, government, and the cybersecurity product and service community. By fostering collaboration and providing open access, ATT&CK empowers organizations to enhance their cybersecurity posture and build a safer digital world.

Comprehensive knowledge base of adversary tactics and techniques
Based on real-world observations and cyberattack data
Enables development of threat models and defensive strategies