
IBM / Microsoft

Sysmon (IBM WinCollect)
This integration combines Microsoft Sysmon's detailed endpoint telemetry with IBM WinCollect's log collection capabilities, enabling collection of high-fidelity process, network, and file system events from Windows endpoints. Sysmon provides the instrumentation while WinCollect handles reliable log transport.
The combined solution delivers detailed security telemetry including process creation with command lines, network connections with process context, file hash computation, registry modifications, and DNS queries. This data is foundational for threat hunting, detection engineering, and incident investigation across Windows environments.
Sophos Products: Sophos MDR/XDR Integrations
Partner Technology: Monitoring & Reporting
Solution Category: Sophos MDR/XDR Integrations