MarkSimos / MCRALinks
The Microsoft Cybersecurity Reference Architecture (https://aka.ms/MCRA) describes Microsoft's cybersecurity capabilities and how they integrate with existing security architectures and capabilities.
☆21 · Updated 7 years ago
Alternatives and similar repositories for MCRA
Users interested in MCRA are comparing it to the repositories listed below.
- ☆134 · Updated last year
- Repository with Sample KQL Query examples for Threat Hunting ☆216 · Updated 3 years ago
- The Infosec Community Definitive Guide to Jupyter Notebooks ☆131 · Updated 5 years ago
- Building environments to replicate small networks and deploy applications ☆331 · Updated 3 weeks ago
- A port of BHIS's Backdoors & Breaches for playingcards.io ☆64 · Updated 3 years ago
- Collection of resources related to the Center for Threat-Informed Defense ☆76 · Updated last year
- Distribution of the SANS SEC504 Windows Cheat Sheet Lab ☆77 · Updated 5 years ago
- Controls Assessment Specification ☆70 · Updated 9 months ago
- NIST CyberSecurity Framework management tool ☆166 · Updated 4 years ago
- KQL queries for Advanced Hunting ☆176 · Updated 6 years ago
- 🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center's Mappings Explorer project. See README below. This repository is k… ☆389 · Updated last year
- This was code for analyzing round 1 of the MITRE Enterprise ATT&CK Evaluation. Please check out https://github.com/joshzelonis/Enterprise… ☆94 · Updated 5 years ago
- 🚨ATTENTION🚨 The VERIS mappings have migrated to the Center's Mappings Explorer project. See README below. This repository is kept here … ☆72 · Updated last year
- This code snippet retrieves Azure Sentinel rules that are mapped to the MITRE ATT&CK Framework and generates the related MITRE D3FEND defense… ☆74 · Updated 4 years ago
- The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially given projects… ☆44 · Updated 5 years ago
- A Windows event logging and collection baseline focused on finding a balance between forensic value and optimising retention. ☆291 · Updated 4 years ago
- Microsoft Sentinel2Go is an open source project developed to expedite the deployment of a Microsoft Sentinel research lab. ☆584 · Updated last year
- Cloud-native SIEM for intelligent security analytics for your entire enterprise. ☆20 · Updated 2 years ago
- Cybersecurity Incident Response Plan ☆109 · Updated 5 years ago
- Microsoft Sentinel SOC Operations ☆266 · Updated last year
- ☆99 · Updated 3 years ago
- Windows Event Forwarding subscriptions, configuration files and scripts that assist with implementing ACSC's protect publication, Technic… ☆227 · Updated 11 months ago
- Cloud Analytics helps defenders detect attacks on their cloud infrastructure by developing behavioral analytics for cloud platforms as we… ☆54 · Updated 2 years ago
- A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon ☆214 · Updated 5 years ago
- ☆56 · Updated 4 years ago
- Various tools used to monitor and troubleshoot Azure Sentinel data ☆31 · Updated last year
- Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS Terraform support. ☆145 · Updated 3 years ago
- Use Terraform to Provision Your Own Cloud-Based Remote Browsing Workstation ☆26 · Updated last year
- Unlocking Serverless Computing to Assess Security Controls ☆262 · Updated last year
- Get started fast with a built-out lab, built from scratch via Azure Resource Manager (ARM) and Desired State Configuration (DSC), to test… ☆238 · Updated 5 years ago