Microsoft Finally Makes Sysmon Native To Windows
No More Hunting Down Sysinternals For This Valuable Tool
Sysmon has been around for some time, but you’ve had to know what it is and how to install it. Currently you need to visit Microsoft’s Sysinternals page, grab Sysmon and install it. It’s not a terribly onerous task, but it tends to mean Sysmon is installed after a problem occurs and Event Manager didn’t reveal the reason why. It would be far better for everyone if Sysmon were already installed and running, so you have a decent chance of figuring out what went wrong the first time it happens.
More widespread use of Sysmon will also mean better examples of custom configurations will be easily available for all. It is a powerful tool, but it does need tweaking to make it effective for your environment. Bleeping Computer offers a few examples in their post, including DNS queries and process tampering. Thanks to Windows Subsystem for Linux, you can also install Sysmon on a Linux box, which is very helpful for those far more familiar with Sysmon than they are with native Linux troubleshooting tools.
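To give a sense of what that tweaking looks like, here is a small configuration covering the two event types mentioned above. It is an added example, not taken from this post or from Bleeping Computer; it assumes the configuration schema of the standalone Sysinternals Sysmon, and the excluded domain and image path are placeholders to replace with your own.

```xml
<!-- Constructed example configuration; exclusions below are placeholders. -->
<Sysmon schemaversion="4.90">
  <EventFiltering>
    <!-- Event ID 22 (DnsQuery): an exclude-only rule logs every lookup
         except those matching the listed, trusted suffixes. -->
    <RuleGroup name="DnsQueries" groupRelation="or">
      <DnsQuery onmatch="exclude">
        <QueryName condition="end with">.windowsupdate.com</QueryName>
        <!-- Placeholder for an internal domain that would otherwise flood the log -->
        <QueryName condition="end with">.corp.example</QueryName>
      </DnsQuery>
    </RuleGroup>

    <!-- Event ID 25 (ProcessTampering): log all process image tampering
         (hollowing, herpaderping) except from a known-noisy application. -->
    <RuleGroup name="ProcessTampering" groupRelation="or">
      <ProcessTampering onmatch="exclude">
        <!-- Placeholder path; add only binaries you have verified as benign -->
        <Image condition="is">C:\Program Files\ExampleApp\example.exe</Image>
      </ProcessTampering>
    </RuleGroup>
  </EventFiltering>
</Sysmon>
```

Keep exclusions as narrow as possible: anything matched by an exclude rule is never logged, so a broad suffix or path becomes a blind spot.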
Microsoft announced today that it will integrate Sysmon natively into Windows 11 and Windows Server 2025 next year, making it unnecessary to deploy the standalone Sysinternals tools.



Great to see Sysmon becoming native to Windows! This will definitely simplify the installation process for many users. Looking forward to seeing how it enhances security monitoring without needing extra steps.