diff --git a/content/vtt-paris-2023-02-demo-security-side-loading.md b/content/vtt-paris-2023-02-demo-security-side-loading.md
index 35c970f..d52ee91 100644
--- a/content/vtt-paris-2023-02-demo-security-side-loading.md
+++ b/content/vtt-paris-2023-02-demo-security-side-loading.md
@@ -27,6 +27,9 @@ Notes personnelles
     - win achi: loader / runing process
     - side loading: 2 soft de confiance sont utilisé pour créer un thread
 * demo
+* Contre messure (windows): config `sysmon` pour le SIEM
+    - SwiftOnSecurity Config
+    - TrustedSec Guide
 
 
 [author]: https://www.linkedin.com/in/%F0%9F%94%91-s%C3%A9bastien-m%C3%A9riot-8b1b74a