Alternatives and similar repositories for Azure-Sentinel-BYOML

Users that are interested in Azure-Sentinel-BYOML are comparing it to the libraries listed below

• splunkalicious / PII_Tools
  ☆10Updated 5 years ago
• OTRF / infosec-jupyter-book
  The Infosec Community Definitive Guide to Jupyter Notebooks
  ☆131Updated 5 years ago
• microsoft / AzDetectSuite
  A collection of ARM-based detections for Azure/AzureAD based TTPs
  ☆89Updated 2 years ago
• cylaris / awesomekql
  Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs
  ☆55Updated 2 years ago
• CrowdStrike / community
  CrowdStrike's Open Source Policy & Contribution Guide
  ☆49Updated 2 months ago
• rod-trent / SentinelPlaybooks
  ☆59Updated last year
• microsoft / msticpy-lab
  A lab environment for learning about MSTICPy
  ☆38Updated 3 years ago
• jostuffl / AzureSentinel_Stuff
  A collection of things I've created or found that I think is useful for Azure Sentinel.
  ☆18Updated last week
• jangeisbauer / AdvancedHunting
  Advanced Hunting Queries for Microsoft Security Products
  ☆108Updated 3 years ago
• hazardsec / cx-scan
  Automate Checkmarx Scanning and Onboarding Plus AWS Access
  ☆12Updated 3 years ago
• MSSAPSCA1 / Azure_Sentinel
  Bulk turn on Analytic rules in Azure Sentinel
  ☆19Updated 4 years ago
• Azure / AI-Security-Risk-Assessment
  ☆66Updated last year
• nicolonsky / ITDR
  Collection of Microsoft Identity Threat Detection and Response resources.
  ☆52Updated last week
• threat-hunting / awesome-threat-detection
  A curated list of awesome threat detection and hunting resources
  ☆16Updated 7 years ago
• swiftbird07 / IRIS-SOAR
  🚀 IRIS-SOAR: Modular SOAR (Security Orchestration, Automation, and Response) implementation in Python. Designed to complement DFIR-IRIS …
  ☆13Updated last year
• FalconForceTeam / KQLAnalyzer
  REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.
  ☆49Updated 4 months ago
• microsoft / mstic
  Microsoft Threat Intelligence
  ☆204Updated last week
• rinure-msft / Azure-Sentinel
  Cloud-native SIEM for intelligent security analytics for your entire enterprise.
  ☆20Updated 2 years ago
• inodee / spl-to-kql
  The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects…
  ☆44Updated 5 years ago
• AndrewBlumhardt / SentinelReconTools
  Sentinel Recon Tools Workbook
  ☆14Updated 3 years ago
• reprise99 / kql-for-dfir
  A guide to using Azure Data Explorer and KQL for DFIR
  ☆124Updated 3 years ago
• invictus-ir / Blue-team-app-Office-365-and-Azure
  ☆73Updated last year
• brian-ruf / OSCAL-GUI
  Joint NIST/FedRAMP tool to interact with OSCAL files via a browser-based GUI
  ☆47Updated 6 years ago
• center-for-threat-informed-defense / attack-sync
  ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® v…
  ☆24Updated 2 months ago
• ashwin-patil / blue-teaming-with-kql
  Repository with Sample KQL Query examples for Threat Hunting
  ☆217Updated 3 years ago
• rod-trent / SentinelWorkbooks
  Workbooks for Azure Sentinel
  ☆63Updated 2 years ago
• OTRF / OSSEM-CDM
  OSSEM Common Data Model
  ☆56Updated 3 years ago
• PwC-IR / MIA-MailItemsAccessed-
  Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features…
  ☆41Updated 5 years ago
• center-for-threat-informed-defense / cloud-analytics
  Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we…
  ☆54Updated 2 years ago
• Azure / Cloud-Katana
  Unlocking Serverless Computing to Assess Security Controls
  ☆262Updated last year