O3-Cyber / azure-security-survival-kit
☆64Updated 7 months ago
Alternatives and similar repositories for azure-security-survival-kit:
Users that are interested in azure-security-survival-kit are comparing it to the libraries listed below
- ☆45Updated 2 weeks ago
- A collection of ARM-based detections for Azure/AzureAD based TTPs☆84Updated last year
- Microsoft Entra ID App Audit Solution (AADAppAudit)☆83Updated 6 months ago
- ThreatModel for Azure Storage - Library of all the attack scenarios on Azure Storage, and how to mitigate them following a risk-based app…☆57Updated last year
- Solution to deploy a Sentinel playground demo environment☆57Updated last year
- Sharing my KQL queries for Azure Sentinel☆162Updated this week
- Azure administrative tiering based on known attack paths☆63Updated this week
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.☆68Updated 10 months ago
- A list of Entra ID (Azure AD) Audit event names and the corresponding Microsoft Graph Request Uri☆27Updated 5 months ago
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆91Updated last year
- Check you Sentinel environment using Pester infrastructure tests☆29Updated last year
- Repository with supporting materials for Invictus Academy/Training☆42Updated 2 months ago
- Docs and samples for privileged identity and access management in Microsoft Azure and Microsoft Entra.☆149Updated 2 weeks ago
- Extensible Azure Security Tool - Documentation☆81Updated last year
- ☆73Updated 8 months ago
- ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure.☆34Updated 4 months ago
- Workbooks for Azure Sentinel☆58Updated last year
- GitHub action for validating Microsoft Sentinel detection rules☆13Updated last year
- ☆55Updated 7 months ago
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix☆58Updated last year
- An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…☆146Updated 3 weeks ago
- MDE Quickstart is a battle-tested MDE policy set designed to be restored with Intune Backup & Restore☆66Updated 2 years ago
- Cloud threat detection visualization from excalidraw☆12Updated 2 years ago
- ☆65Updated 3 years ago
- Repository with Sentinel Analytics Rules, Hunting Queries and helpful external data sources.☆103Updated this week
- Ian Hanley's deceptively simple KQL queries.☆48Updated this week
- Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we…☆53Updated last year
- A self assessment tool to help understand your level in the SANS Vulnerability Management Maturity Model (VMMM).☆23Updated 2 weeks ago
- Collection of Microsoft Identity Threat Detection and Response resources.☆40Updated 2 weeks ago