
Microsoft (Sysinternals)

Sysmon
System Monitor (Sysmon) is a Windows system service and device driver from Microsoft's Sysinternals suite that monitors and logs system activity to the Windows event log. It provides detailed information about process creations, network connections, file creation time changes, and driver/image loads.
Sysmon generates high-fidelity security telemetry essential for threat hunting and incident investigation: process creation with full command lines, network connections with process context, file hashes, and DNS queries. It is widely regarded as one of the most valuable free security monitoring tools for Windows environments.
Sophos Products: Sophos MDR/XDR Integrations
Partner Technology: Monitoring & Reporting
Solution Category: Sophos MDR/XDR Integrations