Malware Devil

Friday, October 23, 2020

Sysmon Endpoint Monitoring, Now w/ Clipboard Voyeurism – Corey Thuen – PSW #671

Sysmon is a free endpoint monitoring tool published by Microsoft in its Sysinternals suite. It generates events for process creations, network connections, file creations, DNS, and, as of v12, clipboard monitoring. We'll discuss what's in the events and how to easily visualize and search them with Gravwell's new Sysmon Kit.

This segment is sponsored by Gravwell.

Visit https://securityweekly.com/gravwell to learn more about them!
Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://wiki.securityweekly.com/psw671
