Sysmon Endpoint Monitoring, Now w/ Clipboard Voyeurism - Corey Thuen - PSW #671

published 7 months ago by Security Weekly

Sysmon is a free endpoint monitoring tool published by Microsoft in their sysinternals suite. It generates process creations, network connections, file creations, DNS, and now clipboard monitoring with v12. We'll discuss what's in the events and how to easily visualize and search them with Gravwell's new Sysmon Kit. This segment is sponsored by Gravwell.   Show Notes: Visit to learn more about them! Visit for all the latest episodes! 

more episodes from Paul's Security Weekly TV