+- Geeks for your information (https://www.geeks.fyi)
+-- Forum: News (https://www.geeks.fyi/forumdisplay.php?fid=105)
+--- Forum: Microsoft Windows News (https://www.geeks.fyi/forumdisplay.php?fid=32)
+--- Thread: New Windows 11 Update Adds Built-In Sysmon and OneDrive Sharing Tweaks (/showthread.php?tid=21594)
New Windows 11 Update Adds Built-In Sysmon and OneDrive Sharing Tweaks - harlan4096 - 13 February 26
Quote:Microsoft is rolling out Windows 11 Insider Preview Build 28020.1611 (KB5077221) to the Canary Channel. As expected with Canary builds, this release focuses on early platform changes and experimental features.
There’s also a small known issue: the desktop watermark currently shows the wrong build number, which Microsoft says will be corrected in an upcoming build.
While you can check the previous update, here’s what’s new.
Built-In Sysmon Comes to Windows
One of the biggest additions in this build is native Sysmon support.
Previously available as a separate Sysinternals download, Sysmon (System Monitor) is now integrated directly into Windows as an optional feature. IT professionals and security teams widely use Sysmon to monitor detailed system activity for threat detection.
What Sysmon Does
Sysmon captures and logs system-level events, including:These events are written to the Windows Event Log, where they can be analyzed by security tools or SIEM platforms.
- Process creation
- Network connections
- File changes
- Driver loading activity
Continue Reading...
![[Image: event-screen-optimized.png]](https://www.ghacks.net/wp-content/uploads/2026/02/event-screen-optimized.png)