Understanding Sysmon & Threat Hunting with A Cybersecurity Specialist & Incident Detection Engineer [YouTube Release]

Additional Resources:

Links mentioned in the video

Sending Windows Event Logs to Graylog With NXLOG

Connecting With Us

Lawrence Systems Shirts and Swag

►👕 https://lawrence.video/swag/


Amazon Affiliate Store
:shopping_cart: Lawrence Systems's Amazon Page

All Of Our Affiliates that help us out and can get you discounts!
:shopping_cart: https://www.lawrencesystems.com/partners-and-affiliates/

Gear we use on Kit
:shopping_cart: Kit

Use OfferCode LTSERVICES to get 10% off your order at
:shopping_cart: Tech Supply Direct - Refurbished Tech at Unbeatable Prices

Digital Ocean Offer Code
:shopping_cart: DigitalOcean | Cloud Hosting for Builders

HostiFi UniFi Cloud Hosting Service
:shopping_cart: HostiFi - UniFi Cloud Hosting

Protect you privacy with a VPN from Private Internet Access
:shopping_cart: Buy VPN with Credit Card or PayPal | Private Internet Access

:moneybag: lawrencesystems | creating Tech Tutorials & Reviews | Patreon

0:00 - Introductions
5:19 - Cyber Threat Defense Strategies
7:38 - Understanding Sysmon Essentials
13:57 - Exploring Sysmon Advantages
15:29 - Standard Deviation Explained
18:41 - Adversary Emulation Techniques
24:00 - Sysmon Use Case: Scenario 1
30:47 - Sysmon Use Case: Scenario 2
36:43 - Sysmon Use Case: Scenario 3
44:06 - Exchange Server Compromise Case Study
52:53 - Enhancing Detection with Testing
55:30 - Insights from Incident Response
57:21 - Conclusion and Thanks