sysmon-modular
A Sysmon configuration repository for customizing Microsoft Sysinternals Sysmon configurations with modular setup.
sysmon-modular
A Sysmon configuration repository for customizing Microsoft Sysinternals Sysmon configurations with modular setup.
Founder & Fractional CISO
Not sure if sysmon-modular is right for your team?
Book a 60-minute strategy call with Nikoloz. You will get a clear roadmap to evaluate products and make a decision.
→Align tool selection with your actual business goals
→Right-sized for your stage (not enterprise bloat)
→Not 47 options, exactly 3 that fit your needs
→Stop researching, start deciding
→Questions that reveal if the tool actually works
→Most companies never ask these
→The costs vendors hide in contracts
→How to uncover real Total Cost of Ownerhship before signing
sysmon-modular Description
A Sysmon configuration repository for everybody to customise. This is a Microsoft Sysinternals Sysmon configuration repository, set up modular for easier maintenance and generation of specific configs. Please keep in mind that any of these configurations should be considered a starting point, tuning per environment is strongly recommended. Note: to get even more value out of the FileExecutable event, consider getting the most up to date version of the LOLdrivers config merged into the config as well. You can easily do that by grabbing the file and adding it in the 29_file_execute_detected folder and generate a new config. The sysmonconfig.xml within the repo is automatically generated after a successful merge by the PowerShell script and a successful load by Sysmon in an Azure Pipeline run. More info on how to generate a custom config, incorporating your own modules here. Pre-Generated configurations: Type: Config: Description: default: sysmonconfig.xml: This is the balanced configuration, most used, more information here. default+: sysmonconfig-with-filedelete.xml: This is the balanced configuration, most used, more information including FileDelete file saves.
sysmon-modular FAQ
Common questions about sysmon-modular including features, pricing, alternatives, and user reviews.
sysmon-modular is A Sysmon configuration repository for customizing Microsoft Sysinternals Sysmon configurations with modular setup.. It is a Security Operations solution designed to help security teams with Repository, Sysinternals, Sysmon.
FEATURED
Fix-first AppSec powered by agentic remediation, covering SCA, SAST & secrets.
Cybercrime intelligence tools for searching compromised credentials from infostealers
Password manager with end-to-end encryption and identity protection features
Fractional CISO services for B2B companies to build security programs
POPULAR
A threat intelligence aggregation service that consolidates and summarizes security updates from multiple sources to provide comprehensive cybersecurity situational awareness.
AI security assurance platform for red-teaming, guardrails & compliance
Real-time OSINT monitoring for leaked credentials, data, and infrastructure
TRENDING CATEGORIES
Stay Updated with Mandos Brief
Get strategic cybersecurity insights in your inbox