Unit 1: Sysmon Basics & Process Activity
Unit 2: Network & Driver Activity
Practical Sysmon Event ID Interpretation for SOC Analysts
Master the art of interpreting Sysmon logs to detect and respond to advanced threats, transforming raw data into actionable security intelligence.
Unit 1: Unmasking Process Manipulation
Unit 2: Advanced Data & Device Monitoring
Unit 1: Registry Monitoring for Persistence
Unit 2: WMI and Named Pipe Monitoring