Endpoint security - PSJoshi/Notes GitHub Wiki

Insight agent - Endpoint monitoring and response - https://insightidr.help.rapid7.com/docs/the-insight-agent
SysMon suspicious activity guide - https://blogs.technet.microsoft.com/motiba/2017/12/07/sysinternals-sysmon-suspicious-activity-guide/
SysMon config - https://github.com/SwiftOnSecurity/sysmon-config
Sysmon link - https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon
Host-based detection techniques pros and cons - https://posts.specterops.io/thoughts-on-host-based-detection-techniques-21d9c97082ce
Open source endpoint detection and response "LimaCharlie" - https://github.com/refractionPOINT/limacharlie
HELK - https://github.com/Cyb3rWard0g/HELK
OsQuery from facebook - https://github.com/facebook/osquery
Google rapid response(GRR) - https://github.com/google/grr
Data collection using Kansa - https://github.com/davehull/Kansa
Windows Logging service - https://digirati82.com/wls-information/
LOG-MD free edition - https://www.imfsecurity.com/download