microsoft / msticpy-trainingLinks
Training and support materials for MSTICPy
☆18Updated 2 years ago
Alternatives and similar repositories for msticpy-training
Users that are interested in msticpy-training are comparing it to the libraries listed below
Sorting:
- REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.☆49Updated 4 months ago
- A lab environment for learning about MSTICPy☆38Updated 3 years ago
- The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects…☆44Updated 5 years ago
- ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure.☆40Updated last year
- M365 MDATP Live Response sample scripts☆82Updated last year
- ☆31Updated 2 years ago
- Advanced Hunting Queries for Microsoft Security Products☆108Updated 3 years ago
- A collection of ARM-based detections for Azure/AzureAD based TTPs☆89Updated 2 years ago
- ☆73Updated last year
- Visualize Microsoft Defender XDR process trees and security events☆33Updated 5 months ago
- The Infosec Community Definitive Guide to Jupyter Notebooks☆131Updated 5 years ago
- Repository to publish sample use cases, templates, solutions, automations for Microsoft Defender Threat Intelligence (MDTI) product☆79Updated last year
- Links and guidance related to the return on mitigation report in the Microsoft Digital Defense Report☆28Updated 2 years ago
- Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we…☆54Updated 2 years ago
- ☆43Updated 4 years ago
- A WDAC configuration repository with the sole intention of enriching MDE☆30Updated 7 months ago
- Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs☆55Updated 2 years ago
- Defender Resource Hub☆30Updated last month
- An automated deployment tool that creates instrumented Azure environments with vulnerable systems for simulating attacks and testing Micr…☆61Updated 6 months ago
- Cloud-native SIEM for intelligent security analytics for your entire enterprise.☆20Updated 2 years ago
- Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defe…☆39Updated 4 years ago
- Sharing presentation slides and workbook templates that can be useful to others to learn more about Azure Active Directory!☆21Updated last year
- ☆22Updated 2 years ago
- Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features…☆41Updated 5 years ago
- Collection of Microsoft Identity Threat Detection and Response resources.☆51Updated this week
- ☆45Updated last year
- This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deployin…☆17Updated 2 years ago
- KQL queries for cyber defense and for solving daily issues☆54Updated 6 months ago
- Microsoft 365 Defender Hunting via PowerShell.☆14Updated 3 years ago
- Azure function to insert MISP data in to Azure Sentinel☆34Updated 3 years ago