← All talks
Tool

BSides talks featuring Sysmon

87 talks mention this tool across 41 BSides chapters.

Talks featuring Sysmon

28:25
Post-Exploit Threat Modeling with ATT&CK
Andy Applebaum
BSides Delaware · 2016
TechnicalTalk
Open →2016-11
27:13
BSides Iowa 2018: "Threat Hunting Windows Event Logs w/ Powershell"
BSides Iowa
Open →2018-04
42:44
Threat Hunting On Linux And Mac With Auditbeat System Module
Aaron Jewitt
BSides Luxembourg · 2019
TechnicalDFIRDetection EngineeringBlueTalk
Open →2019-11
59:59
Windows 10 Forensics
Mariusz Litwin
BSides Warsaw · 2018
TechnicalTalk
Open →2018-10
47:49
Keynote - Jeff Banner
BSides Sydney
Open →2019-09
45:38
Threat Hunting by Dhruv Majumdar
Dhruv Majumdar
BSides Edmonton · 2018
TechnicalTalk
Open →2018-09
31:20
Don't Boil the Ocean: Using MITRE ATT&CK to Guide Hunting Activity
John Stoner
BSidesSF · 2019
TechnicalBlueTalk
Open →2019-03
33:40
Quick And Easy Forensic Timelines Via Sysmon, WEF, And ELK
Aaron Jewitt
BSides Munich · 2019
TechnicalDFIRDetection EngineeringBlueTalk
Open →2019-03
46:18
Log All The Things! Proactive Forensics using Log Analysis
Aaron BeuhringKyle Salous
BSides DC · 2015
TechnicalTalk
Open →2015-11
48:34
Using DeTT&CT and the MITRE ATT&CK Framework to Assess Your Security Posture
David Branscome
BSides Knoxville · 2022
TechnicalDetection EngineeringThreat ModelingIntermediaryBlueDemoTalk
Open →2022-05
32:14
White Collars & Black Hats: Bitcoin, Dark Nets and Insider Trading by Ken Westin
Ken Westin
BSides Edmonton · 2018
Talk
Open →2018-09
30:06
Windows Event Forwarding and OSSEC — You can do this!
Robert Wilson
BSides Augusta · 2018
TechnicalDevSecOpsBlueTalk
Open →2018-11
46:17
Let's Start Over!
Craig Chamberlain
BSides DC · 2018
TechnicalDemo
Open →2018-11
45:50
Cobalt Strike – A Defender's Perspective
Roshan Maskey
BSides Islamabad · 2020
TechnicalBlueTalk
Open →2020-11
50:03
EDR Internals for macOS and Linux - Kyle Avery
Kyle Avery
BSides SATX · 2024
TechnicalTechnical Deep-divesTalk
Open →2024-06
32:39
Unpacking Impacket: Detect remote execution of offensive tools
Tyler Bohlmann
BSides SLC · 2022
TechnicalActive DirectoryDFIRDetection EngineeringBlueTalk
Open →2023-01
20:06
ELK: Not P.O.S.
Jason Kendall
BSides Toronto · 2014
TechnicalTalk
Open →2014-12
47:23
Open Source GitOps for Detection Engineering
Zach Wasserman
BSides Las Vegas · 2023
TechnicalDetection EngineeringDevSecOpsBlueDemoTalk
Open →2023-10
20:17
BSides Toronto 2019 Anton Ovrutsky
BSides Toronto
Open →2019-10
18:48
Think You're Stealthy? How to Detect Attacks in AD
Rachit AroraSai Sathvik RuppaAakash Raman
BSides Charm · 2025
TechnicalActive DirectoryDFIRDetection EngineeringIntermediaryBlueTalk
Open →2025-05
50:24
From Kali and a Couple of VMs to NextGen Home Lab - An Approach to Practice and Develop your Skills
Bashar Shamma
BSides SATX · 2020
TechnicalTalk
Open →2020-08
26:14
Making a State-Backed Implant Invisible: A New Blind Spot in Modern A/V & HIDS Solutions
Dimitrios Bougioukas
BSides Athens · 2018
TechnicalAdvancedRedTechnical Deep-divesDemo
Open →2018-08
43:16
Testing Endpoint Security Solutions with Atomic Red Team
BSides Asheville · 2018
TechnicalDetection EngineeringThreat ModelingIntermediaryBluePurpleMethodologyDemo
Open →2019-03
54:37
When a Security Architect Writes an Application
David Zendzian
BSides Charleston · 2014
TechnicalWeb AppSecTalk
Open →2014-11
43:57
MS SQL Super Quality Logs
Tristan
BSides Perth · 2023
TechnicalDetection EngineeringThreat IntelIntermediaryBlueMethodologyTechnical Deep-divesTalk
Open →2023-08
25:40
Red and Blue Ping Pong: Living Off the Land in Windows Attack and Defense
Lee KaganAnton Ovrutsky
BSides Toronto · 2017
TechnicalActive DirectoryMalware AnalysisPurpleDemoTalk
Open →2018-01
51:35
Spotting The Adversary Using The ATT&CK Matrix: A Practical Approach
Pete O
BSides Bristol · 2019
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2019-07
50:06
Threat Hunting: Out of the Gate with Windows Logs
Greg LongoBrian Gardiner
BSides Peru · 2019
TechnicalDetection EngineeringMalware AnalysisThreat IntelIntroBlueTechnical Deep-divesTalk
Open →2019-07
45:09
Reverse-Shell Fallacy: An introduction into defence evasion techniques
Gerhard Botha
BSides Joburg · 2024
TechnicalRedTalk
Open →2024-08
45:34
Purple Teaming Cloud Identity Simulation Labs for Red and Blue teams
Jason Ostrom
BSides Dallas/Fort Worth · 2022
TechnicalCloud IAMDetection EngineeringThreat ModelingPurpleTechnical Deep-divesDemoTalk
Open →2022-11
42:15
BSidesAugusta 2014 Tim Crothers - Techniques for Fast Windows Investigations
BSides Augusta
Open →2014-09
44:59
Tony Lambert - Spotting Lateral Movement with Endpoint Data
Tony Lambert
BSides Augusta · 2019
TechnicalTalk
Open →2019-10
48:23
Security Operations with Velociraptor
Eric CapuanoWhitney Champion
BSides Tampa
TechnicalTalk
Open →2023-09
23:14
Tactics, Techniques and Procedures - Building and Running a Blue Team from Scratch
Abhishek Tripathi
BSides SATX · 2018
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2018-10
37:36
Ransomware Emulation Done Right
Shreyas RamiShaun Jones
BSides Las Vegas · 2022
TechnicalDetection EngineeringMalware AnalysisThreat IntelPurpleCase Studies and Incidents AnalysisTalk
Open →2022-09
55:07
Brandon George - Hunt Like You Mean It
BSides Columbus
Open →2020-08
38:58
Windows Management Instrumentation for Good and Evil
Jaime Geiger
BSides Delaware · 2017
TechnicalTalk
Open →2017-11
34:01
Detect the Undetectable with Sysmon and PowerShell Logs
Dimitrios Margaritis
BSides Athens · 2017
TechnicalDetection EngineeringMalware AnalysisThreat IntelBlueTalk
Open →2017-10
23:53
Applying Sysmon-type Filtering to Elastic Agent Process Auditing
Josh Brower
BSides Augusta · 2023
TechnicalDFIRDetection EngineeringBlueDemoTalk
Open →2023-10
37:04
The Threat Hunting Solution You Might Not Have Expected
Lee Archinal
BSides Buffalo · 2022
TechnicalTalk
Open →2022-06
32:09
BSides DC 2019 - Digital Canaries in Coal Mines: Detecting Adversarial Enumeration with DNS & AD
Stephan Borosh
BSides DC · 2019
TechnicalActive DirectoryTalk
Open →2019-10
31:34
A Journey Through MITRE Evaluation - Alex Davies
Alex Davies
BSides Cymru Wales · 2019
Talk
Open →2019-10
46:20
Xavier Mertens - All Your Logs Are Belong To You!
Xavier Mertens
BSides London · 2014
Talk
Open →2014-09
31:04
Host-Hunting on a Budget
Leo Bastidas
BSides Augusta · 2019
TechnicalDFIRDetection EngineeringThreat IntelBlueTalk
Open →2019-10
10:30
Sysmon Monitoring Different Way
Marek Mikita
BSides Vancouver · 2021
ToolingDemoTalk
Open →2021-06
1:20:35
What is eBPF and Why Should You Care!
Kev Sheldrake
BSides Athens · 2022
TechnicalDetection EngineeringReverse EngineeringToolingAdvancedBlueRedTalk
Open →2023-06
51:15
Microsoft Quick Assist
Tyler Hudak
BSidesROC · 2025
TechnicalTalk
Open →2025-03
49:26
Sysmon or it Didn't Happen
Gerard Johansen
BSides Charm · 2024
TechnicalDFIRDetection EngineeringBlueTalk
Open →2024-06
24:24
Robust Defense for the Rest of Us
Russell Mosley
BSides Las Vegas · 2017
TechnicalDetection EngineeringNetwork SecurityThreat ModelingBlueTalk
Open →2017-08
40:39
Wes Lambert - Endpoint Excavation: Digging Through Host Artifacts with Velociraptor
Wes Lambert
BSides Augusta · 2021
TechnicalBlueTalk
Open →2021-10
25:06
BSidesCharm 2024 - Defenders can use ATT&CK! Oh really? - Lex Crumpton
BSides Charm
Open →2024-06
33:52
What the Log?! So Many Events, So Little Time...
Miriam Wiesner
BSides Luxembourg · 2019
Technical
Open →2019-11
37:55
Purple Teaming 301 – Free Attack Simulation and Control Validation via Atomic Red Team
Jason Wright
BSides Charm · 2024
TechnicalDetection EngineeringThreat ModelingPurpleTalk
Open →2024-06
25:48
From Noise To Insight: Supercharge Your SOC With Automated Alert Correlation
Anicet Fopa Tchoffo
BSides Leeds
TechnicalTalk
Open →2024-07
16:09
Visualize Windows Events using Python3 & Neo4j
Tasos Chatziefstratiou
BSides Athens · 2020
TechnicalBlueDemoTalk
Open →2020-06
20:36
Nicholas Gobern - Good Behavior is it's own reward
Nicholas Gobern
BSides Augusta
TechnicalTalk
Open →2023-10
52:10
Cloud Security
Scott Arveseth
BSides SLC · 2015
TechnicalTalk
Open →2015-04
28:24
Fantastic Clear-Text Passwords And Where To Collect Them
Stephan Berger
BSides Munich · 2025
TechnicalActive DirectoryMalware AnalysisThreat IntelBlueCase Studies and Incidents AnalysisTalk
Open →2026-02
47:12
Have Lab, Now What?
Kelsey SeymourAaron Everson
BSides Buffalo
CareerTalk
Open →2024-06
59:48
DCO and Data Science: Best Friends Forever
BSides Augusta · 2022
TechnicalBlueDemoTalk
Open →2022-10
41:51
Keeping up with the Jones's and other APT threats
Kenneth Inkster
BSides Calgary
TechnicalDFIRDetection EngineeringMalware AnalysisThreat IntelBlueTalk
Open →2020-12
50:56
Operationalizing Purple Team
Jorge Orchilles
BSides SATX · 2021
TechnicalPurpleTalk
Open →2021-06
50:26
Shelly Giesbrecht: The Trouble With Ransomware
Shelly Giesbrecht
BSides Calgary · 2020
TechnicalTalk
Open →2020-12
52:37
Building the Panopticon: Centralized Logging and Alerting With Free Tools
Matthew Gracie
BSidesROC · 2018
TechnicalBlueTalk
Open →2018-04
42:47
BSidesCharm 2022 - Log4j From The Trenches - Max Thauer
BSides Charm
Open →2022-07
31:06
Escapades in DFIR, An Incident Responder's Reflections
Mark Nakamura
BSides RDU · 2022
CareerWar StoriesDFIRDetection EngineeringThreat IntelBluePurpleTalk
Open →2023-03
51:54
Wes Lambert - Augmenting the (Security) Onion: Facilitating Enhanced Detection and Response
Wes Lambert
BSides Augusta
TechnicalDFIRDetection EngineeringThreat IntelBlueTalk
Open →2019-10
45:05
Detecting the Elusive: Active Directory Threat Hunting
Sean Metcalf
BSides Charm · 2017
TechnicalActive DirectoryDetection EngineeringKerberosBlueTechnical Deep-divesTalk
Open →2021-05
14:26
Actioning ATT&CK
Jake Liefer
BSides Delaware · 2018
TechnicalDetection EngineeringThreat ModelingPurpleTechnical Deep-divesTalk
Open →2018-11
37:03
Ransomware Threat Hunting: Commonly Overlooked Areas for Stopping Ransomware Intruders - Allan Liska
BSides Peru
Open →2022-09
43:43
Building a Sawmill: Processing Logs with Security Onion
Matthew Gracie
BSides Peru · 2024
TechnicalDFIRDetection EngineeringThreat IntelBlueDemoTalk
Open →2024-08
47:35
Sharing Open Datasets with the World to Develop Detections from Home | Roberto Rodriguez
Roberto Rodriguez
BSides Delhi 2020
CommunityTechnicalDFIRDetection EngineeringThreat ModelingTalk
Open →2020-11
17:47
Building My Ultimate Home Detection Lab - Oliver Creed
Oliver Creed
BSides Lancashire
TechnicalTalk
Open →2024-06
49:39
Supercharge Your SOC with Sysmon
Chris LeeMatthew Giannetto
BSides Philly · 2018
TechnicalDFIRDetection EngineeringMalware AnalysisBlueTalk
Open →2018-11
22:58
Tom Webb - Incident Response Awakens
Tom Webb
BSides Augusta · 2016
Talk
Open →2016-09
40:25
Catching More Files - Spotting the Adversary with Honey Techniques
Matthew Gracie
BSidesROC · 2023
TechnicalTalk
Open →2024-09
37:20
Yeet the Leet with Osquery
Sebastiaan Provost
BSides Newcastle · 2021
TechnicalDetection EngineeringMalware AnalysisThreat IntelTalk
Open →2021-10
24:07
What the deuce: Strategies for splitting your alerts
John T. Myers
BSides Philly
TechnicalTalk
Open →2017-08
34:56
Emulate.Go: Adversary Emulation for CTI Analysts
Haydn Johnson
BSides Toronto · 2020
TechnicalDetection EngineeringThreat IntelPurpleDemo
Open →2021-11
33:25
T1 08 I Thought I Saw a |-|4x0.-, Thomas V. Fischer (@fvt)
Thomas V. Fischer
BSides Athens · 2017
Open →2017-10
23:36
Illuminate the Grid: Building Telemetry Through Purple Teaming
Gabriel Schram
BSides Charlotte · 2026
TechnicalDetection EngineeringThreat IntelThreat ModelingPurpleCase Studies and Incidents AnalysisMethodologyTalk
Open →2026-04
38:12
BSidesCharm - 2018 - Adam Mathis - Using Atomic Red Team to Test Endpoint Solutions
BSides Charm
Open →2021-05
46:37
Malware Persistence in Windows
Peter Morin
BSides Calgary · 2022
TechnicalMalware AnalysisTalk
Open →2022-12
42:40
The Declarative Future
Liam Randall
BSides Charm
TechnicalContainer SecurityDetection EngineeringWeb AppSecKeynote
Open →2021-05
31:21
Tony Drake Incident Response for the Overwhelmed, Understaffed, and Unprepared
Tony Drake
BSides Boulder
CareerDFIRTalk
Open →2021-08
46:56
What Did the SIEM Say?
Shawn ThomasJR Presmy
BSides Charm · 2019
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2021-05
25:24
Effective Monitoring for Operational Security
Russell MosleyRyan St. Germain
BSides Charm
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2021-05