O3-Cyber / azure-security-survival-kit

Related projects ⓘ

Alternatives and complementary repositories for azure-security-survival-kit

• O3-Cyber / AzureADRoleMonitor
  ☆44Updated this week
• microsoft / AzDetectSuite
  A collection of ARM-based detections for Azure/AzureAD based TTPs
  ☆80Updated 11 months ago
• trustoncloud / threatmodel-for-azure-storage
  ThreatModel for Azure Storage - Library of all the attack scenarios on Azure Storage, and how to mitigate them following a risk-based app…
  ☆57Updated last year
• jsa2 / AADAppAudit
  Microsoft Entra ID App Audit Solution (AADAppAudit)
  ☆80Updated 2 months ago
• SecureHats / Sentinel-playground
  Solution to deploy a Sentinel playground demo environment
  ☆55Updated last year
• f-bader / AzSentinelQueries
  Repository with Sentinel Analytics Rules, Hunting Queries and helpful external data sources.
  ☆69Updated this week
• Cloud-Architekt / AzureSentinel
  Sharing my KQL queries for Azure Sentinel
  ☆142Updated 3 months ago
• rod-trent / SentinelWorkbooks
  Workbooks for Azure Sentinel
  ☆54Updated last year
• Cloud-Architekt / AzurePrivilegedIAM
  Docs and samples for privileged identity and access management in Microsoft Azure and Microsoft Entra.
  ☆137Updated 3 weeks ago
• invictus-ir / aws-cheatsheet
  A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.
  ☆62Updated 6 months ago
• jsa2 / aad-auth-n-z
  ☆65Updated 2 years ago
• f-bader / EntraIDAuditLogToMicrosoftGraph
  A list of Entra ID (Azure AD) Audit event names and the corresponding Microsoft Graph Request Uri
  ☆26Updated last month
• rod-trent / SentinelPlaybooks
  ☆53Updated 4 months ago
• garybushey / ProgrammingMicrosoftSentinel
  Programming Microsoft Sentinel book
  ☆22Updated 11 months ago
• Nextdoor / cspm_evaluation_matrix
  Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix
  ☆58Updated last year
• salesforce / cloud-guardrails
  Rapidly apply hundreds of security controls in Azure
  ☆183Updated last year
• msdirtbag / MDE-Quickstart
  MDE Quickstart is a battle-tested MDE policy set designed to be restored with Intune Backup & Restore
  ☆65Updated last year
• Cloud-Architekt / meetups
  All slides from my meetup talks
  ☆31Updated 5 months ago
• jsa2 / CloudShellAadApps
  ☆26Updated last year
• merill / microsoft-info
  Repository hosting a static list of Microsoft First party apps and Graph permissions that's updated daily
  ☆86Updated this week
• jsa2 / EAST
  Extensible Azure Security Tool - Documentation
  ☆81Updated last year
• rod-trent / SentinelPS
  ☆29Updated last week
• adanalvarez / TrailDiscover
  An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…
  ☆115Updated last month
• f-bader / SentinelARConverter
  Sentinel Analytics Rule converter PowerShell module
  ☆53Updated this week
• Kaidja / Microsoft-Sentinel
  Microsoft Sentinel related content
  ☆33Updated last year
• DanielChronlund / DCSecurityOperations
  A collection of Microsoft Sentinel workbooks and analytics rules.
  ☆100Updated 9 months ago
• rod-trent / KQL-for-Everything
  KQL example queries for working in Azure
  ☆33Updated 3 months ago
• SureStacks / AzureAssess
  Assess Azure Security State
  ☆36Updated 10 months ago
• Permiso-io-tools / azure-activity-log-axe
  Azure Activity Log Axe is a continually developing tool that simplifies the transactional log format provided by Microsoft. The tool leve…
  ☆22Updated 2 months ago