Fixing custom sysmon-modular rules with invalid XML
I’m a big proponent of Sysinternals Sysmon for shops that aren’t running a commercial endpoint detection and response (EDR) tool, like VMware’s Carbon Black or CrowdStrike’s Falcon. Sysmon is the