Fun fact: I made a typo in sysmon-config many years ago, when I was working in Helpdesk.

I got my shot and was hired to the big firm with the big fancy expensive tools I would've never dreamed of.

Do you know what I find in that tool, auditing it?

My typo. They pasted it in. They just... copied the whole thing.

I sit at my desk. And I realize I was always enough.

The full story of sysmon-config, the first (to my awareness) comprehensive open source HIDS monitoring solution configuration, is something I would like to tell sometime.

It was in fact not generated for a security job, strictly. I needed to understand the sensitive modifications being made to our Windows systems as Helpdesk. And I did not want to filter Procmon again.

It turns out the modifications that screw things up... kind of include the malware and spyware ones. Especially back then.

@SwiftOnSecurity reminds me of the time when Brendan Gregg, who was not working at Sun at the time, got a spiel from a salesperson about new profiling tools.

It was his own dtrace scripts they were demoing to him.

https://www.brendangregg.com/blog/2021-06-04/an-unbelievable-demo.html

An Unbelievable Demo


@jlargentaye At the risk of kicking off *that* argument

Definitely casts the whole "ZFS vs GPL" debacle in a different light. Seeing how they treated open source developers in the 2000s.

@SwiftOnSecurity Pity the tech who misspelt "referrer" in the HTTP standard.

@SwiftOnSecurity Always sufficient to fill the Taytay shaped hole in the universe. And we all adore you for that. ♥

@SwiftOnSecurity one time i got hired at unity to fix a bug for myself that they wouldn’t. also, i lost an important project when a hard drive crashed, that i had submitted as part of a bug report some years before. as customer i asked them to recover the project for me, and they refused. i got that back too.

i’m not really sure what the moral of the story is here.

@barubary @SwiftOnSecurity it’s a valid course of action if the value of fixing the bug or the lost project is high enough.

@barubary @SwiftOnSecurity many projects are source available if you’re good enough at interviewing

@SwiftOnSecurity you really are your worst critic. Does not matter the screw up, somebody did worse.