MarkSimos / MCRA
The Microsoft Cybersecurity Reference Architecture (https://aka.ms/MCRA) describes Microsoft’s cybersecurity capabilities and how they integrate with existing security architectures and capabilities.
☆20Updated 6 years ago
Alternatives and similar repositories for MCRA:
Users that are interested in MCRA are comparing it to the libraries listed below
- ☆131Updated last year
- This was code for analyzing round 1 of the MITRE Enterprise ATT&CK Evaluation. Please check out https://github.com/joshzelonis/Enterprise…☆95Updated 4 years ago
- Collection of resources related to the Center for Threat-Informed Defense☆77Updated 10 months ago
- The Infosec Community Definitive Guide to Jupyter Notebooks☆121Updated 4 years ago
- Use Terraform to Provision Your Own Cloud-Based Remote Browsing Workstation☆25Updated 11 months ago
- A port of BHIS's Backdoors & Breaches for playingcards.io☆62Updated 2 years ago
- ☆54Updated 3 years ago
- Collection of walkthroughs on various threat hunting techniques☆75Updated 4 years ago
- ☆93Updated 2 years ago
- RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid…☆37Updated 3 years ago
- The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cybe…☆47Updated 4 years ago
- Resources for SANS CTI Summit 2021 presentation☆102Updated last year
- ☆42Updated 4 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆108Updated 5 years ago
- A community event for security researchers to share their favorite notebooks☆107Updated last year
- ☆58Updated last year
- Windows Defender ATP - Advanced Hunting Queries☆21Updated 7 years ago
- DDTTX Tabletop Trainings☆28Updated 3 years ago
- Cloud Templates and scripts to deploy mordor environments☆129Updated 4 years ago
- The PoLRBear Project☆35Updated 4 years ago
- Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs☆53Updated last year
- Cybersecurity Incident Response Plan☆90Updated 4 years ago
- Distribution of the SANS SEC504 Windows Cheat Sheet Lab☆69Updated 4 years ago
- Tools to automate and/or expedite response.☆113Updated 9 months ago
- Security Monitoring Resolution Categories☆138Updated 3 years ago
- The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects…☆41Updated 4 years ago
- This code snippet retrieves Azure Sentinel rules that are mapped to MITRE ATT&CK Framework and generates the related MITRE D3FEND defense…☆71Updated 3 years ago
- ☆32Updated last year
- 🚨ATTENTION🚨 The VERIS mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here …☆71Updated last year
- Repository for SPEED SIEM Use Case Framework☆53Updated 4 years ago