microsoft / SecCon-Framework
Security configuration is complex. With thousands of group policies available in Windows, choosing the “best” setting is difficult. It’s not always obvious which permutations of policies are required to implement a complete scenario, and there are often unintended consequences of some security lockdowns. The SECCON Baselines divide configuratio…
☆279 Updated last year
Related projects
Alternatives and complementary repositories for SecCon-Framework
- MDATP ☆455 Updated 4 months ago
- Powershell Based tool for gathering information related to O365 intrusions and potential Breaches ☆708 Updated this week
- Get started fast with a built out lab, built from scratch via Azure Resource Manager (ARM) and Desired State Configuration (DSC), to test… ☆234 Updated 4 years ago
- Windows OS Hardening with PowerShell DSC ☆273 Updated 11 months ago
- A PowerShell script that automates the security assessment of Microsoft 365 environments. ☆582 Updated 3 weeks ago
- The Azure Active Directory Incident Response PowerShell module provides a number of tools, developed by the Azure Active Directory Produc… ☆421 Updated last year
- Microsoft Sentinel SOC Operations ☆239 Updated 4 months ago
- Building environments to replicate small networks and deploy applications ☆317 Updated last year
- KQL queries for Advanced Hunting ☆166 Updated 4 years ago
- Microsoft Sentinel2Go is an open source project developed to expedite the deployment of a Microsoft Sentinel research lab. ☆550 Updated last year
- Tooling for assessing an Azure AD tenant state and configuration ☆758 Updated 5 months ago
- EventList ☆370 Updated 3 years ago
- The Microsoft Defender for Office 365 Recommended Configuration Analyzer (ORCA) ☆304 Updated 5 months ago
- Contact: CRT@crowdstrike.com ☆706 Updated last year
- A little tool to play with Azure Identity - Azure and Entra ID lab creation tool. Blog: https://medium.com/@iknowjason/sentinel-for-pur… ☆526 Updated last week
- Robust and practical application control for Windows ☆605 Updated 2 years ago
- Windows Event Forwarding subscriptions, configuration files and scripts that assist with implementing ACSC's protect publication, Technic… ☆212 Updated 2 years ago
- Tools for Microsoft cloud fans ☆316 Updated 7 months ago
- Collection of Intune policies that could assist with implementing ACSC's Windows hardening guidance. ☆271 Updated 6 months ago
- Creating a hardened "Blue Forest" with Server 2016/2019 Domain Controllers ☆263 Updated last month
- Azure Sentinel KQL ☆413 Updated 2 months ago
- PowerShell module for Azure Sentinel ☆230 Updated 2 years ago
- PowerShell for CrowdStrike's OAuth2 APIs ☆368 Updated this week
- ☆615 Updated last year
- Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment. ☆465 Updated 8 months ago
- CA Optics - Azure AD Conditional Access Gap Analyzer ☆330 Updated 2 months ago
- Deploy customizable Active Directory labs in Azure - automatically. ☆410 Updated 10 months ago
- A curated list of blogs, videos, tutorials, queries and anything else valuable to help you learn and master KQL and Microsoft Sentinel ☆213 Updated last year
- The Microsoft Sentinel Triage AssistanT (STAT) enables easy to create incident triage automation in Microsoft Sentinel ☆217 Updated last week