TWCN Tech News

Sysmon System Monitor for Windows

The basic workflow behind System Monitor is that it stores information from Windows Event Collection (Event Viewer) and Security Information and Event Management (SIEM) agents like process IDs, GUIDs, ...
CSOonline

How to use Microsoft Sysmon, Azure Sentinel to log security events

Microsoft's Sysmon and Azure Sentinel are easy and inexpensive ways to log events on your network. Here's how to get started with them. Logging is the key to knowing how the attackers came in and how ...
TWCN Tech News

The security log is now full (Event ID 1104)

In Event Viewer, the errors logged are common, and you will come across different errors with different Event IDs. The events that are recorded in the security logs usually will be either of the ...