Using Sysmon to Enrich Security Onion's Host-Level Capabilities
With more network traffic being encrypted, as well as the persistence of advanced adversaries, it is becoming increasingly imperative that there is greater visibility at the host-level. With this greater visibility comes the ability to more efficiently detect and respond to threats. This paper...