3 tools and resources
A Sysmon configuration repository for customizing Microsoft Sysinternals Sysmon configurations with modular setup.
A curated list of resources for learning about deploying, managing, and hunting with Microsoft Sysmon.
A repository providing guidance on collecting security-relevant Windows event logs using Windows Event Forwarding (WEF).