I have been searching for a way to enrich EventID 3 Sysmon logs with CommunityID for a long time, and most of the solutions I found propose complex solutions. To achieve that, we will harness the power of Apache NiFi to manipulate, route, and filter out Sysmon logs. | threathuntingtails.com
The binary fltMC.exe is used to manage minifilter drivers. You can easily load and unload minifilters using this binary. To unload the Sysmon driver you can use: fltMC unload SysmonDrv If this bina…| 🔐Blog of Osanda
Written by Daniel Olivares Introduction Continuing our series of articles on improving security in our SMEs or homes. Today we want to present a way to improve the logs…| FINSIN