Skip to content

deep-security/sysmon-config

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 

Repository files navigation

Sysmon-config

This configuration file for Sysmon is designed for the MITRE ATT&CK Evaluation. Tested with Deep Security Manager ™ 12 LTS with DSRU version 20-002 and above and Deep Security Agent version 12

Instructions on configuring Sysmon and the appropriate Log Inspection Rules can be found here: https://success.trendmicro.com/solution/1123908-Deep-Security-Log-Inspection-Rules-for-Sysmon-Event-Monitoring

Support

This DSM Policy can be tuned as per the Customer infrastructure and environment. Project contributors may be able to help, depending on their time and availability. Please be specific about what you're trying to do, your system, and steps to reproduce the problem.

Official support from Trend Micro is not available. Individual contributors may be Trend Micro employees, but are not official support.

If you have questions about using the dsm policy, consider asking on Stack Overflow. Tag your question with deepsecurity and it will get pushed to our internal automation support Slack channel.

Contribute

We accept contributions from the community. To submit changes:

  1. Fork this repository.
  2. Create a new feature branch.
  3. Make your changes.
  4. Submit a pull request with an explanation of your changes or additions.

We will review and work with you to release the Symon Config file changes.

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published