Skip to content

Latest commit

 

History

History
32 lines (14 loc) · 1.38 KB

README.md

File metadata and controls

32 lines (14 loc) · 1.38 KB

Sysmon-config

This configuration file for Sysmon is designed for the MITRE ATT&CK Evaluation. Tested with Deep Security Manager ™ 12 LTS with DSRU version 20-002 and above and Deep Security Agent version 12

Instructions on configuring Sysmon and the appropriate Log Inspection Rules can be found here: https://success.trendmicro.com/solution/1123908-Deep-Security-Log-Inspection-Rules-for-Sysmon-Event-Monitoring

Support

This DSM Policy can be tuned as per the Customer infrastructure and environment. Project contributors may be able to help, depending on their time and availability. Please be specific about what you're trying to do, your system, and steps to reproduce the problem.

Official support from Trend Micro is not available. Individual contributors may be Trend Micro employees, but are not official support.

If you have questions about using the dsm policy, consider asking on Stack Overflow. Tag your question with deepsecurity and it will get pushed to our internal automation support Slack channel.

Contribute

We accept contributions from the community. To submit changes:

  1. Fork this repository.
  2. Create a new feature branch.
  3. Make your changes.
  4. Submit a pull request with an explanation of your changes or additions.

We will review and work with you to release the Symon Config file changes.