Whether you’re a member of your company’s security team or incident response team, you no doubt understand the importance of getting Microsoft’s Sysmon utility installed on your Windows systems. It seems like every few months there is another guide or article published by CISA reemphasizing the importance of deploying Sysmon to help prevent ransomware, or at a minimum, making Sysmon logs available during an incident response post compromise.
Fortunately, we here at RDPSoft have created a nifty utility called Sysmundo for system administrators and security team members that makes deploying Sysmon, reconfiguring Sysmon, and uninstalling Sysmon across your Windows systems very easy to do. It does not require any scripting, and all actions are driven by a GUI. Best of all, these specific features do not require you to purchase a license from us – you can leverage our tool to do install, reconfigure, or uninstall Sysmon whenever you need it to. Here’s how it works.
[Read more…]