Using Sysinternals Sysmon in Azure Sentinel

Azure Sentinel is a SIEM solution offered by Microsoft to see and stop threats before they cause harm. Olaf Hartong has tested using the Sysinternals tool Sysmon in Azure Sentinel.



An introduction to Azure Sentinel may be found at this Microsoft site. According to Microsoft, Azure Sentinel is your birds-eye view across the enterprise. Olaf Hartong played a bit with this new feature. In the tweet below, he announced his blog post about using Sysmon in Azure Sentinel. Maybe it's helpful to someone.


