This is not really an issue, but perhaps a direction that would be interesting for users, but also for the respective devs of the 2 projects.
A lot of props for PowerShell-based DFIR, and the HELK project contains very modular Sysmon configs, a Spark analytics layer, and an integration with Invoke-IR ACE.
I feel kinda cheap raising this without actually offering to help out, but my dev skills aren't tip top =/