This release of Sysmon, an advanced background monitor that records process-related activity to the event log for use in intrusion detection and forensics, introduces more powerful filtering capabilities: both include and exclude rules can be specified for specific event types, with complex matching on different event fields.
Download: https://technet.microsoft.com/en-us/sysinternals/sysmon