MicrosoftDocs/security external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

MicrosoftDocs/security

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/MicrosoftDocs/security)

Close

MicrosoftDocs / securityView on GitHubMore

• External links
• Readme badge

Public repo to sync with security-pr

☆245Feb 19, 2026Updated last week

Alternatives and similar repositories for security

Users that are interested in security are comparing it to the libraries listed below

• microsoft / ConditionalAccessforZeroTrustResources

  View on GitHub
  ConditionalAccessforZeroTrustResources holding resources for Azure AD CA guidance for Zero Trust
  ☆198Apr 2, 2024Updated last year
• MicrosoftDocs / SecurityBenchmarks

  View on GitHub
  Supplemental information and resources for the Security Benchmark documentation available at https://docs.microsoft.com/azure/security/be…
  ☆488Oct 10, 2023Updated 2 years ago
• center-for-threat-informed-defense / security-stack-mappings

  View on GitHub
  🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is k…
  ☆386Apr 3, 2024Updated last year
• workoho / Entra-Tiering-Security-Model

  View on GitHub
  Implement a powerful Tiering Security Model in Microsoft Entra for your Cloud Administrator identities using Azure Automation.
  ☆51Feb 18, 2025Updated last year
• ugurkocde / TenantBaseline

  View on GitHub
  Stop Microsoft 365 configuration drift before it becomes a breach
  ☆57Feb 11, 2026Updated 2 weeks ago
• Bert-JanP / Hunting-Queries-Detection-Rules

  View on GitHub
  KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunt…
  ☆1,638Updated this week
• Azure / Microsoft-Defender-for-Cloud

  View on GitHub
  Welcome to the Microsoft Defender for Cloud community repository
  ☆1,882Feb 17, 2026Updated last week
• Cloud-Architekt / AzureAD-Attack-Defense

  View on GitHub
  This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and …
  ☆2,475Dec 31, 2025Updated 2 months ago
• cisagov / ScubaGear

  View on GitHub
  Automation to assess the state of your M365 tenant against CISA's baselines
  ☆2,460Feb 20, 2026Updated last week
• Cloud-Architekt / EntraOps

  View on GitHub
  Community project to classify, identify and protect your privileges based on Enterprise Access Model (EAM)
  ☆204Feb 19, 2026Updated last week
• AzureAD / Azure-AD-Incident-Response-PowerShell-Module

  View on GitHub
  The Azure Active Directory Incident Response PowerShell module provides a number of tools, developed by the Azure Active Directory Produc…
  ☆451Jun 16, 2023Updated 2 years ago
• microsoft / ActiveDirectoryDSC.Reverse

  View on GitHub
  ReverseDSC Orchestrator for ActiveDirectory
  ☆21Jun 12, 2023Updated 2 years ago
• KustoKing / Hunting-Queries-Detection-Rules

  View on GitHub
  KQL Detections for Microsoft Sentinel and Microsoft 365 Defender
  ☆21Nov 15, 2024Updated last year
• reprise99 / mddrguidance

  View on GitHub
  Links and guidance related to the return on mitigation report in the Microsoft Digital Defense Report
  ☆28Oct 10, 2023Updated 2 years ago
• microsoft / sentinel-as-code

  View on GitHub
  ☆22Oct 13, 2025Updated 4 months ago
• martinsohn / CIS-Controls

  View on GitHub
  ☆19Nov 23, 2022Updated 3 years ago
• MicrosoftDocs / entra-docs

  View on GitHub
  This is the public repo for Microsoft Entra documentation
  ☆167Updated this week
• SecurityBagel / CMMC-Bagel

  View on GitHub
  compliance assessment and POA&M management for CMMC/NIST 800-171A
  ☆107Jan 2, 2025Updated last year
• Azure / Azure-Sentinel

  View on GitHub
  Cloud-native SIEM for intelligent security analytics for your entire enterprise.
  ☆5,497Updated this week
• guardsight / gsvsoc_cirt-playbook-battle-cards

  View on GitHub
  Cyber Incident Response Team Playbook Battle Cards
  ☆423May 10, 2024Updated last year
• ep3p / Sentinel_KQL

  View on GitHub
  In this repository you may find KQL (Kusto Query Language) queries and Watchlist schemes for data sources related to Microsoft Sentinel (…
  ☆134Dec 18, 2025Updated 2 months ago
• eshlomo1 / Microsoft-Sentinel-SecOps

  View on GitHub
  Microsoft Sentinel SOC Operations
  ☆264Jul 10, 2024Updated last year
• TAXIIProject / TAXII-Specifications

  View on GitHub
  A repository for development of the TAXII Specifications. For official releases, please see http://taxiiproject.github.io/releases/
  ☆41Nov 29, 2015Updated 10 years ago
• alexverboon / Hunting-Queries-Detection-Rules

  View on GitHub
  KQL Queries. Microsoft Defender, Microsoft Sentinel
  ☆196Updated this week
• austinsonger / Incident-Playbook

  View on GitHub
  GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
  ☆1,541Jul 28, 2024Updated last year
• lawndoc / AdvancedHuntingQueries

  View on GitHub
  Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant.
  ☆133Feb 10, 2026Updated 2 weeks ago
• maysarax / SOC

  View on GitHub
  ☆20Aug 4, 2019Updated 6 years ago
• rinure-msft / Azure-Sentinel

  View on GitHub
  Cloud-native SIEM for intelligent security analytics for your entire enterprise.
  ☆20Apr 4, 2023Updated 2 years ago
• Fortigi / ConditionalAccess

  View on GitHub
  ☆21Mar 8, 2021Updated 4 years ago
• MicrosoftDocs / CloudAppSecurityDocs

  View on GitHub
  Public repo for CloudAppSecurityDocs-pr
  ☆114Jan 8, 2025Updated last year
• AzureAD / AzureADAssessment

  View on GitHub
  Tooling for assessing an Azure AD tenant state and configuration
  ☆830Jun 12, 2024Updated last year
• MicrosoftLearning / SC-200T00A-Microsoft-Security-Operations-Analyst

  View on GitHub
  ☆366Feb 13, 2026Updated 2 weeks ago
• JulianHayward / AzADServicePrincipalInsights

  View on GitHub
  Insights and change tracking on Microsoft Entra ID Service Principals (Enterprise Applications, Applications and Managed Identities)
  ☆248Apr 30, 2025Updated 9 months ago
• Cyb3r-Monk / Threat-Hunting-and-Detection

  View on GitHub
  Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).
  ☆804Jan 14, 2026Updated last month
• MISP / best-practices-in-threat-intelligence

  View on GitHub
  Best practices in threat intelligence
  ☆50Nov 6, 2022Updated 3 years ago
• alexverboon / MDATP

  View on GitHub
  MDATP
  ☆456Jul 20, 2024Updated last year
• MISP / misp-playbooks

  View on GitHub
  MISP Playbooks
  ☆222Oct 14, 2025Updated 4 months ago
• MicrosoftLearning / SC-100-Microsoft-Cybersecurity-Architect

  View on GitHub
  ☆172Jan 23, 2026Updated last month
• center-for-threat-informed-defense / attack-control-framework-mappings

  View on GitHub
  🚨ATTENTION🚨 The NIST 800-53 mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept…
  ☆495Apr 3, 2024Updated last year