Having the right set of telemetry (in simple terms defined as event-driven data) can either make or break an incident. Cyber defenders are often missing key pieces of data that can aid in investigation or detection efforts. By utilizing Sysmon, one of many tools in Microsoft’s Sysinternals Suite, defenders can begin to fill this gap. This Upskill Challenge walks you through the basics of Sysmon including:
- Installation of Sysmon
- Configuration Basics
- Configuration Editing
Join Anton Ovrutsky, author of Constructing Defense (Details|Enroll), as he dives into the world of Sysmon!
Price = FREE!
What’s an Upskill Challenge (UC)?
A UC is a CTF-style, bite-sized lesson from the JHT Team, our courseware developers as well as “friends” of JHT. They are meant to be short and to the point. UCs focus on a single tool or concept and are helpful in quickly providing useful skills that might be prerequisites for other types of educational content on the platform.
A UC should be 10 – 30 minutes of student time and have no VMs. There are quizzes to make sure that the content is understood.
Prerequisites for “UC – Sysmon”
UCs assume no knowledge at all! They’re meant to be completely self-contained, so all of the answers are in the lesson. No outside research is required.
