Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).
Updated Dec 20, 2024 - Jupyter Notebook
A repository of KQL queries focused on threat hunting and threat detection for Microsoft Sentinel & Microsoft Defender XDR (formerly Microsoft 365 Defender).
Microsoft Sentinel SOC Operations
The Microsoft Sentinel Triage AssistanT (STAT) makes it easy to create incident triage automation in Microsoft Sentinel.
A collection of various SIEM rules relating to malware family groups.
Ian Hanley's deceptively simple KQL queries.
Welcome to the Cloud Security Toolkit repository, your all-in-one destination for cutting-edge cloud security resources! Whether you're diving into offensive strategies, mastering threat hunting, or bolstering your blue-team defenses, this repo has you covered.
A walkthrough of creating and using the Azure environment and Microsoft Sentinel to track attacks and plot attacks on a live map.
⛳️ PASS: Microsoft Azure AZ-500 (Azure Security Engineer Associate) by learning based on our Questions & Answers (Q&A) Practice Tests Exams.
Add Microsoft Defender machine logon users to a Microsoft Sentinel incident comment
Revoke Entra ID user sessions from Microsoft Sentinel incidents
Repository for the Microsoft Sentinel / Azure OpenAI exercise.
The purpose of this repository is to share KQL queries to help identify security misconfigurations, hunt for specific patterns, or detect malicious behavior
Microsoft Sentinel fork of Adaz 🔧 Deploy customizable Active Directory labs in Azure - automatically.
This workspace contains all the code (ARM templates and PowerShell) referenced inside my Medium article about the Sentinel Workspace Manager.
Content supporting the Microsoft hands-on at DSAG Technology Days March 2023
This repository provides summaries of Scheduled Analytics Rules for Sentinel incidents.
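Most of the repositories above are collections of KQL hunting queries for Defender for Endpoint and Sentinel. As an added illustration of what such a query looks like (written for this page, not taken from any of the listed repositories), the following advanced-hunting query surfaces PowerShell launched with a base64-encoded command and decodes the payload for triage. It assumes the standard Defender for Endpoint `DeviceProcessEvents` schema; the 7-day window and the 40-character minimum blob length are arbitrary choices for the example.

```kql
// Added example: hunt for PowerShell started with an encoded command
// (-e, -ec, -enc, -encodedcommand). Assumes the DeviceProcessEvents
// advanced-hunting table; lookback and blob length are illustrative.
let lookback = 7d;
DeviceProcessEvents
| where Timestamp > ago(lookback)
| where FileName in~ ("powershell.exe", "pwsh.exe")
// Match the switch as a whole token so "-ex" (ExecutionPolicy) is not caught.
| where ProcessCommandLine matches regex @"(?i)(^|\s)-e(c|nc|ncodedcommand)?\s"
| extend EncodedBlob = extract(@"(?i)(?:^|\s)-e(?:c|nc|ncodedcommand)?\s+([A-Za-z0-9+/=]{40,})", 1, ProcessCommandLine)
| where isnotempty(EncodedBlob)
// The encoded payload is UTF-16LE, so the decoded text carries a NUL byte
// after every ASCII character; strip them so the command is readable.
| extend DecodedCommand = replace_regex(base64_decode_tostring(EncodedBlob), @"\x00", "")
// Aggregate per device and account; rare executions float to the top,
// which is usually where the interesting ones are.
| summarize FirstSeen = min(Timestamp), LastSeen = max(Timestamp),
            Executions = count(),
            Parents = make_set(InitiatingProcessFileName, 10),
            Samples = make_set(DecodedCommand, 3)
    by DeviceName, AccountName
| order by Executions asc, FirstSeen desc
```

In Sentinel the same query runs against the `DeviceProcessEvents` table once the Defender for Endpoint connector streams it into the workspace. Expect noise from legitimate management tooling that also uses encoded commands; filter on `Parents` (the launching process) rather than on the decoded text once a baseline is known.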