mon-csirt / active-directory-security
The "Monash Enterprise Access Model" (MEAM) is a model for tiering Active Directory that builds heavily on the Microsoft Enterprise Access Model.
☆52Updated 3 months ago
Related projects: ⓘ
- A PowerShell script that automates the security assessment of Microsoft Active Directory environments.☆61Updated last year
- ☆63Updated last week
- Sharing presentation slides and workbook templates that can be useful to others to learn more about Azure Active Directory!☆20Updated 3 weeks ago
- MDE Quickstart is a battle-tested MDE policy set designed to be restored with Intune Backup & Restore☆65Updated last year
- This repo aims to help you decipher the UAL from a Digital Forensics & Incident Response (DFIR) perspective. The UAL is the Microsoft 365…☆45Updated 4 months ago
- ☆58Updated 7 months ago
- ☆40Updated 5 months ago
- KQL Queries. Microsoft Defender, Microsoft Sentinel☆100Updated last week
- ☆42Updated last year
- Defender for Endpoint☆16Updated 6 months ago
- Cloud-native SIEM for intelligent security analytics for your entire enterprise.☆20Updated 2 years ago
- Tool for creating reports on Entra ID Role Assignments☆85Updated 5 months ago
- Maintain Tier 0 users. This script take care all Tier 0 users are in the correct OU or in the default user container and add the Kerberos…☆45Updated 2 months ago
- A collection of Microsoft Sentinel workbooks and analytics rules.☆99Updated 7 months ago
- Content Repo for Demystifying KQL Tutorial Series☆64Updated 2 weeks ago
- ☆48Updated this week
- ☆73Updated 8 months ago
- Microsoft Entra ID App Audit Solution (AADAppAudit)☆78Updated 3 weeks ago
- ☆37Updated last year
- MDE Tester is designed to help testing various features in Microsoft Defender for Endpoint.☆187Updated 6 months ago
- ☆40Updated 11 months ago
- Links and guidance related to the return on mitigation report in the Microsoft Digital Defense Report☆27Updated 11 months ago
- ☆65Updated 2 months ago
- Microsoft Sentinel related content☆33Updated 11 months ago
- Repository to publish sample use cases, templates, solutions, automations for Microsoft Defender Threat Intelligence (MDTI) product☆74Updated last week
- ResearchDev - XDR & SIEM Detection☆61Updated 5 months ago
- The collateral repository for The KQL Mysteries series☆17Updated 6 months ago
- Sample queries for Advanced hunting in Microsoft Defender ATP☆35Updated 2 years ago
- Sentinel Logic Apps/Playbooks to automate enrichment, incident analysis and more.☆67Updated last month
- Sentinel Analytics Rule converter PowerShell module☆51Updated last month