The story of an underTAG that tried to wear a mitre…

March 10, 2019 in Mitre Att&ck, Preaching, Random ideas, Sysmon, threat hunting

Today we tag everything with Mitre Techniques. I like it, but I would also want a bit more flexibility. So, I like to mix the ‘proper’ Mitre tags with my […]

Excelling with sysmon configs

March 4, 2019 in Compromise Detection, Mitre Att&ck, Sysmon, threat hunting

Writing your own sysmon config is a painful exercise. Well, maybe not if you start from scratch and only rely on your own research, because there is an organic […]