End Point Visibility with Sysmon. A Hands-On Lab Using BITS Jobs.

It’s critical that cybersecurity analysts have verbose endpoint visibility to detect and respond to attacks. System Monitor (Sysmon) is a utility provided by Microsoft to capture detailed process, network, and file change events, which can be used to detect endpoint staged attacks.

System Monitor (Sysmon) is a Windows system service and device driver…