Drop a Sysmon XML configuration file · score detection coverage · identify blind spots · flag missing event types · compare against community best-practice configs · produce a gap analysis with specific recommendations · runs locally
Drop sysmonconfig.xml or a Sysmon XML export