Displaying 1 to 2 from 2 results

whids

  •    Go

Very flexible Host IDS designed for Windows. We are making use of a previously developped rule engine Gene designed to match Windows events according to custom rules. The rules are simple to write and easy to understand so that everyone can identify why a rule has triggered. With the democratisation of Sysmon, this tools is perfect to quickly build hunting rules or simply monitoring rules to screen things of interest happening on your machine(s). With WHIDS you don't have to bother with an over complicated Sysmon configuration which often turns to the nightmare when you want to be very specific.The simplest thing is just to enable all the logging capabilites of Sysmon and let WHIDS do his job, grab a coffee and wait for the juicy stuff to happen. The tool has a low overhead for the system, according to our current benchmarks.