Tag: Sysmon

Deploy Sysmon and collect additional data with Sentinel and the AMA agent

System Monitor (Sysmon) is one of the most common add-ons for Windows logging. With Sysmon, you can detect malicious activity by tracking code behavior and network traffic. Sysmon is part of the Sysinternals package and is owned by Microsoft. Sysmon can be used…

Jeffrey, January 26, 2023 2 10 min read

Security

Use Sysmon for monitoring servers with Microsoft Sentinel

System Monitor (Sysmon) is one of the most common add-ons for Windows logging. With Sysmon, you can detect malicious activity by tracking code behavior and network traffic. Sysmon is part of the Sysinternals package and is owned by Microsoft. What is Sysmon Sysmon…

Jeffrey, July 27, 2021 0 6 min read

Laatste nieuws

Common mistakes during Microsoft Defender for Endpoint deployments

How to use Automatic Attack Disruption in Microsoft 365 Defender (BEC, AiTM & HumOR)

How to troubleshoot Live Response in Defender for Endpoint

Onboard and configure Defender for Endpoint for non-persistent VDI environments

How to use Defender for IoT firmware Scanning for checking potential security vulnerabilities and weaknesses

Block apps (discovered/ shadow IT) with Defender for Cloud Apps and Defender for Endpoint

Tag: Sysmon

Deploy Sysmon and collect additional data with Sentinel and the AMA agent

Use Sysmon for monitoring servers with Microsoft Sentinel

Microsoft MVP

MDE blog series

Supporting this blog

Latest topics

Common mistakes during Microsoft Defender for Endpoint deployments

How to use Automatic Attack Disruption in Microsoft 365 Defender (BEC, AiTM & HumOR)

How to troubleshoot Live Response in Defender for Endpoint

Onboard and configure Defender for Endpoint for non-persistent VDI environments

How to use Defender for IoT firmware Scanning for checking potential security vulnerabilities and weaknesses

Block apps (discovered/ shadow IT) with Defender for Cloud Apps and Defender for Endpoint

Social Media

Trending Slider

Common mistakes during Microsoft Defender for Endpoint deployments

How to use Automatic Attack Disruption in Microsoft 365 Defender (BEC, AiTM & HumOR)

How to troubleshoot Live Response in Defender for Endpoint

Onboard and configure Defender for Endpoint for non-persistent VDI environments

How to use Defender for IoT firmware Scanning for checking potential security vulnerabilities and weaknesses

Block apps (discovered/ shadow IT) with Defender for Cloud Apps and Defender for Endpoint

Today's pick

Latest

Popular

Common mistakes during Microsoft Defender for Endpoint deployments

How to use Automatic Attack Disruption in Microsoft 365 Defender (BEC, AiTM & HumOR)

How to troubleshoot Live Response in Defender for Endpoint

Onboard and configure Defender for Endpoint for non-persistent VDI environments

Fast response with Azure AD Continuous Access Evaluation (CAE) and Conditional Access

Downloads blokkeren via Conditional Access App Control vanuit Microsoft Endpoint Manager

Android Enterprise fully managed beschikbaar in Microsoft Intune voor zakelijke omgevingen

Android Enterprise via Microsoft Endpoint Manager als vervanger van Android device administrator