Azure/Azure-Sentinel-Notebooks external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Azure/Azure-Sentinel-Notebooks

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Azure/Azure-Sentinel-Notebooks)

Close

Azure / Azure-Sentinel-NotebooksView on GitHubMore

• External links
• Readme badge

Interactive Azure Sentinel Notebooks provides security insights and actions to investigate anomalies and hunt for malicious behaviors.

☆618Oct 17, 2025Updated 5 months ago

Alternatives and similar repositories for Azure-Sentinel-Notebooks

Users that are interested in Azure-Sentinel-Notebooks are comparing it to the libraries listed below

• Azure / Azure-Sentinel

  View on GitHub
  Cloud-native SIEM for intelligent security analytics for your entire enterprise.
  ☆5,534Updated this week
• microsoft / msticpy

  View on GitHub
  Microsoft Threat Intelligence Security Tools
  ☆1,954Mar 6, 2026Updated 2 weeks ago
• edoardogerosa / sentinel-attack

  View on GitHub
  Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
  ☆1,079Nov 28, 2024Updated last year
• rod-trent / SentinelKQL

  View on GitHub
  Azure Sentinel KQL
  ☆471Jul 28, 2025Updated 7 months ago
• OTRF / Microsoft-Sentinel2Go

  View on GitHub
  Microsoft Sentinel2Go is an open source project developed to expedite the deployment of a Microsoft Sentinel research lab.
  ☆587Jan 22, 2025Updated last year
• reprise99 / Sentinel-Queries

  View on GitHub
  Collection of KQL queries
  ☆1,621Jan 29, 2026Updated last month
• microsoft / Microsoft-365-Defender-Hunting-Queries

  View on GitHub
  Sample queries for Advanced hunting in Microsoft 365 Defender
  ☆2,053Feb 17, 2022Updated 4 years ago
• wortell / AZSentinel

  View on GitHub
  PowerShell module for Azure Sentinel
  ☆233Aug 3, 2022Updated 3 years ago
• briandelmsft / SentinelAutomationModules

  View on GitHub
  The Microsoft Sentinel Triage AssistanT (STAT) enables easy to create incident triage automation in Microsoft Sentinel
  ☆276Jan 2, 2026Updated 2 months ago
• Bert-JanP / Hunting-Queries-Detection-Rules

  View on GitHub
  KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunt…
  ☆1,661Mar 9, 2026Updated last week
• FalconForceTeam / FalconFriday

  View on GitHub
  Hunting queries and detections
  ☆887Oct 30, 2025Updated 4 months ago
• Azure / Microsoft-Defender-for-Cloud

  View on GitHub
  Welcome to the Microsoft Defender for Cloud community repository
  ☆1,885Updated this week
• rod-trent / SentinelPlaybooks

  View on GitHub
  ☆59Jul 18, 2024Updated last year
• Cyb3r-Monk / Threat-Hunting-and-Detection

  View on GitHub
  Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).
  ☆804Jan 14, 2026Updated 2 months ago
• microsoft / msticnb

  View on GitHub
  MSTIC Notebook Components
  ☆35Sep 4, 2025Updated 6 months ago
• OTRF / Security-Datasets

  View on GitHub
  Re-play Security Events
  ☆1,728Mar 20, 2024Updated 2 years ago
• reprise99 / awesome-kql-sentinel

  View on GitHub
  A curated list of blogs, videos, tutorials, queries and anything else valuable to help you learn and master KQL and Microsoft Sentinel
  ☆240Feb 8, 2023Updated 3 years ago
• microsoft / ASDET

  View on GitHub
  ☆20Sep 3, 2021Updated 4 years ago
• OTRF / infosec-jupyter-book

  View on GitHub
  The Infosec Community Definitive Guide to Jupyter Notebooks
  ☆131Oct 17, 2020Updated 5 years ago
• ManagedSentinel / AzureSentinelKQLScripts

  View on GitHub
  Various tools used to monitor and troubleshoot Azure Sentinel data
  ☆31Oct 24, 2024Updated last year
• rod-trent / SentinelWorkbooks

  View on GitHub
  Workbooks for Azure Sentinel
  ☆63Aug 14, 2023Updated 2 years ago
• javiersoriano / sentinelascode

  View on GitHub
  Enable the automatic deployment of Azure Sentinel using code
  ☆118May 3, 2022Updated 3 years ago
• rod-trent / MustLearnKQL

  View on GitHub
  Code included as part of the MustLearnKQL blog series
  ☆1,152Jan 30, 2026Updated last month
• LearningKijo / KQL

  View on GitHub
  Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.
  ☆486Nov 22, 2024Updated last year
• OTRF / ThreatHunter-Playbook

  View on GitHub
  A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…
  ☆4,501Jan 12, 2026Updated 2 months ago
• Azure / Azure-Network-Security

  View on GitHub
  Resources for improving Customer Experience with Azure Network Security
  ☆922Feb 26, 2026Updated 3 weeks ago
• cyb3rmik3 / KQL-threat-hunting-queries

  View on GitHub
  A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 D…
  ☆762Aug 28, 2025Updated 6 months ago
• inodee / spl-to-kql

  View on GitHub
  The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects…
  ☆44Nov 7, 2020Updated 5 years ago
• alexverboon / MDATP

  View on GitHub
  MDATP
  ☆455Jul 20, 2024Updated last year
• ashwin-patil / blue-teaming-with-kql

  View on GitHub
  Repository with Sample KQL Query examples for Threat Hunting
  ☆218Sep 1, 2022Updated 3 years ago
• OTRF / Blacksmith

  View on GitHub
  Building environments to replicate small networks and deploy applications
  ☆330Jan 9, 2026Updated 2 months ago
• rabobank-cdc / DeTTECT

  View on GitHub
  Detect Tactics, Techniques & Combat Threats
  ☆2,268Jan 21, 2026Updated last month
• ep3p / Sentinel_KQL

  View on GitHub
  In this repository you may find KQL (Kusto Query Language) queries and Watchlist schemes for data sources related to Microsoft Sentinel (…
  ☆135Updated this week
• MicrosoftLearning / SC-200T00A-Microsoft-Security-Operations-Analyst

  View on GitHub
  ☆373Mar 12, 2026Updated last week
• Cloud-Architekt / AzureAD-Attack-Defense

  View on GitHub
  This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and …
  ☆2,478Dec 31, 2025Updated 2 months ago
• OTRF / OSSEM

  View on GitHub
  Open Source Security Events Metadata (OSSEM)
  ☆1,289Feb 27, 2023Updated 3 years ago
• Intellisec-Solutions / Microsoft-Sentinel-SIGMA-Rules-Workbook

  View on GitHub
  ☆12Jul 15, 2022Updated 3 years ago
• Azure / Stormspotter

  View on GitHub
  Azure Red Team tool for graphing Azure and Azure Active Directory objects
  ☆1,689Jan 8, 2024Updated 2 years ago
• eshlomo1 / Microsoft-Sentinel-SecOps

  View on GitHub
  Microsoft Sentinel SOC Operations
  ☆264Jul 10, 2024Updated last year