MarkSimos / MCRALinks
The Microsoft Cybersecurity Reference Architecture (https://aka.ms/MCRA) describes Microsoft’s cybersecurity capabilities and how they integrate with existing security architectures and capabilities.
☆21Updated 7 years ago
Alternatives and similar repositories for MCRA
Users that are interested in MCRA are comparing it to the libraries listed below
Sorting:
- Collection of resources related to the Center for Threat-Informed Defense☆76Updated last year
- NIST CyberSecurity Framework management tool☆166Updated 4 years ago
- 🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is k…☆390Updated last year
- Distribution of the SANS SEC504 Windows Cheat Sheet Lab☆76Updated 5 years ago
- Repository with Sample KQL Query examples for Threat Hunting☆217Updated 3 years ago
- The Infosec Community Definitive Guide to Jupyter Notebooks☆130Updated 5 years ago
- ☆134Updated last year
- A port of BHIS's Backdoors & Breaches for playingcards.io☆64Updated 2 years ago
- Dashboard for conducting Backdoors and Breaches sessions over Zoom.☆119Updated last year
- Building environments to replicate small networks and deploy applications☆330Updated 11 months ago
- Use Terraform to Provision Your Own Cloud-Based Remote Browsing Workstation☆26Updated last year
- Creating a hardened "Blue Forest" with Server 2016/2019 Domain Controllers☆266Updated last year
- ☆98Updated 3 years ago
- Purple Teaming Attack & Hunt Lab - Terraform☆161Updated 4 years ago
- Cybersecurity Incident Response Plan☆109Updated 5 years ago
- ☆55Updated 4 years ago
- This code snippet retrieves Azure Sentinel rules that are mapped to MITRE ATT&CK Framework and generates the related MITRE D3FEND defense…☆74Updated 4 years ago
- A Windows event logging and collection baseline focused on finding balance between forensic value and optimising retention.☆290Updated 4 years ago
- Get started fast with a built out lab, built from scratch via Azure Resource Manager (ARM) and Desired State Configuration (DSC), to test…☆238Updated 5 years ago
- Sysmon configuration file template with default high-quality event tracing☆20Updated 4 years ago
- 🚨ATTENTION🚨 The VERIS mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here …☆72Updated last year
- Documentation on the Cyber Defense Matrix☆24Updated 2 years ago
- A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon☆214Updated 5 years ago
- Configuration Hardening Assessment PowerShell Script (CHAPS)☆187Updated 4 months ago
- A collection of ARM-based detections for Azure/AzureAD based TTPs☆89Updated 2 years ago
- Zerofox Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform☆45Updated 5 years ago
- Cloud-native SIEM for intelligent security analytics for your entire enterprise.☆20Updated 2 years ago
- Incident Response Hierarchy of Needs☆468Updated 2 years ago
- Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs☆55Updated 2 years ago
- DDTTX Tabletop Trainings☆28Updated 4 years ago