ZDNet

Sysinternals new Sysmon tool looks for intruder traces

For the first time in almost two years, Microsoft's Mark Russinovich has added a new tool to the Sysinternals tool suite. The new tool is Sysmon which monitors for and logs certain specific events.
Bleeping Computer

Microsoft releases Sysmon 11 with auto-backup of deleted files

Microsoft has released Sysmon 11, and it now comes with an important feature that allows you to monitor for and automatically archive deleted files on a monitored system. If you are not familiar with ...
Bleeping Computer

Sysmon Getting DNS Query Logging with Querying Process Name

To the delight of Windows system administrators everywhere, Microsoft has announced that a new version of Sysmon is coming out this week that will include the ability to log DNS queries performed on a ...