Repository to publish sample use cases, templates, solutions, automations for Microsoft Defender Threat Intelligence (MDTI) product
☆80Sep 9, 2024Updated last year
Alternatives and similar repositories for MDTI-Solutions
Users that are interested in MDTI-Solutions are comparing it to the libraries listed below
Sorting:
- ☆18Jul 13, 2022Updated 3 years ago
- Create a Word document showing your Sentinel configuration☆14Nov 7, 2023Updated 2 years ago
- Sentinel Analytics Rule converter PowerShell module☆67Feb 24, 2026Updated 3 weeks ago
- ☆43Oct 11, 2023Updated 2 years ago
- Azure OpenAI Playbook created for Microsoft Sentinel☆13May 2, 2024Updated last year
- Export Microsoft Sentinel artifacts like Analytical Rules, Hunting Queries, Workbooks in order to support new feature Repositories CI/CD …☆59Sep 15, 2022Updated 3 years ago
- The Microsoft Sentinel Triage AssistanT (STAT) enables easy to create incident triage automation in Microsoft Sentinel☆277Jan 2, 2026Updated 2 months ago
- Send security notifications to your users when something important happened on their accounts (such as new MFA methods, atypical travels,…☆10Apr 13, 2023Updated 2 years ago
- ☆59Jul 18, 2024Updated last year
- ☆30Nov 11, 2024Updated last year
- ☆67Mar 9, 2026Updated last week
- Solutions developed by the MDEASM Customer Experience Engineering (CxE) Go-To Production (GTP) team for Azure MDEASM☆29Feb 3, 2025Updated last year
- ☆22Aug 29, 2023Updated 2 years ago
- MS Graph Commands and Tools for Blue Teamers☆51Feb 4, 2026Updated last month
- PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.☆110Aug 26, 2024Updated last year
- KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunt…☆1,661Mar 9, 2026Updated last week
- M365 MDATP Live Response sample scripts☆82Nov 1, 2024Updated last year
- Scripts and Content for working with Open AI☆171Apr 18, 2025Updated 11 months ago
- ☆20Sep 3, 2021Updated 4 years ago
- ⚠️ ARCHIVED**: This repository is no longer actively maintained. All Sigma rules are now managed and available in SIEM Rules☆12Updated this week
- Collection of KQL queries☆1,621Jan 29, 2026Updated last month
- Detecting and Responding to Threats using Microsoft 365 Defender, published by Packt☆16Jul 10, 2023Updated 2 years ago
- ☆43May 22, 2021Updated 4 years ago
- Additional resources to improve customer experience with Microsoft Defender for Identity☆121Sep 12, 2025Updated 6 months ago
- An automated deployment tool that creates instrumented Azure environments with vulnerable systems for simulating attacks and testing Micr…☆63Jul 27, 2025Updated 7 months ago
- AzLogDcrIngestPS - Unleashing the power of Log Ingestion API with Azure LogAnalytics custom table v2, Azure Data Collection Rules and Azu…☆32Jan 26, 2025Updated last year
- Random Powershell scripts☆13Feb 13, 2024Updated 2 years ago
- Miscellaneous Azure Sentinel files that don't fall into other categories.☆13Aug 23, 2021Updated 4 years ago
- Collection of different Azure/Entra focused solutions (Deployable templates, Function Apps, etc)☆80Mar 12, 2026Updated last week
- Sentinel Recon Tools Workbook☆14Aug 24, 2022Updated 3 years ago
- Guidance and collateral for troubleshooting and managing Azure Sentinel data costs.☆28Oct 9, 2023Updated 2 years ago
- ☆90Jan 10, 2024Updated 2 years ago
- MDE Tester is designed to help testing various features in Microsoft Defender for Endpoint.☆193Feb 20, 2026Updated last month
- Sample queries for Advanced hunting in Microsoft 365 Defender☆2,053Feb 17, 2022Updated 4 years ago
- Training and support materials for MSTICPy☆18Jun 27, 2023Updated 2 years ago
- Azure Sentinel KQL☆471Jul 28, 2025Updated 7 months ago
- Cyber Defence related kusto queries for use in Azure Sentinel and Defender advanced hunting☆68Dec 7, 2025Updated 3 months ago
- ☆45Apr 10, 2024Updated last year
- Code included as part of the MustLearnKQL blog series☆1,152Jan 30, 2026Updated last month