At SteelCon in July 2023, @__mez0__ gave a talk which took a look at the telemetry that EDRs can gain access to. This data was shaped into JSON to demonstrate how the enrichment process between telemetry sources can provide a clear picture on an applications behaviour.

The PDF export of the slides can be found below.