


Today, following the 25th anniversary of Microsoft Sysinternals, we are announcing the general availability of a new Microsoft Sysmon report in VirusTotal. Whether you’re an IT professional or a developer, you’re probably already using Microsoft Sysinternals utilities to help you manage, troubleshoot, and diagnose your Windows systems and applications. The powerful logging capabilities of Sysinternals utilities became indispensable for defenders as well, enabling security analytics and advanced detections. The System Monitor (Sysmon) utility, which records detailed information on the system’s activities in the Windows event log, is often used by security products to identify malicious activity.

The new behavior report in VirusTotal includes extraction of Microsoft Sysmon logs for Windows executables (EXE) on Windows 10, with very low latency, and with Windows 11 on the roadmap.

This is the latest milestone in the long history of collaboration between Microsoft and VirusTotal. Microsoft 365 Defender uses VirusTotal reports as an accurate threat intelligence source, and VirusTotal uses detections from Microsoft Defender Antivirus as a primary source of detection in its arsenal. Microsoft Sysinternals Autoruns, Process Explorer, and Sigcheck tools integrate VirusTotal reports, and VirusTotal itself uses Sigcheck to report details on Windows portable executable files. The security industry has long recognized the value of Microsoft Sysmon.

