noodlemctwoodle / Sentinel-As-CodeLinks
An automation framework for deploying Microsoft Sentinel environments using pipelines. This project combines infrastructure-as-code (Bicep) with PowerShell automation to streamline the deployment of Sentinel solutions, analytics rules, and workbooks.
☆17Updated 2 months ago
Alternatives and similar repositories for Sentinel-As-Code
Users that are interested in Sentinel-As-Code are comparing it to the libraries listed below
Sorting:
- Ian Hanley's deceptively simple KQL queries.☆58Updated last month
- ☆53Updated 3 months ago
- ☆16Updated last month
- This repository contains various public projects created by the owners of Hybrid Brothers☆21Updated last year
- ☆19Updated last year
- various tools for Microsoft Sentinel☆31Updated 3 months ago
- A collection of Microsoft Sentinel workbooks and analytics rules.☆110Updated last year
- Utilities for Microsoft Sentinel☆18Updated 3 months ago
- Sharing my KQL queries for Azure Sentinel☆186Updated this week
- Docs and samples for privileged identity and access management in Microsoft Azure and Microsoft Entra.☆173Updated 2 weeks ago
- Workbooks for Azure Sentinel☆60Updated 2 years ago
- Sentinel Analytics Rule converter PowerShell module☆65Updated 8 months ago
- MDE Quickstart is a battle-tested MDE policy set designed to be restored with Intune Backup & Restore☆66Updated 2 years ago
- ☆80Updated last week
- ☆35Updated 2 years ago
- Community project to classify, identify and protect your privileges based on Enterprise Access Model (EAM)☆183Updated 2 weeks ago
- Defender for Endpoint☆17Updated last year
- This repo aims to help you decipher the UAL from a Digital Forensics & Incident Response (DFIR) perspective. The UAL is the Microsoft 365…☆61Updated last year
- The Microsoft Sentinel Triage AssistanT (STAT) enables easy to create incident triage automation in Microsoft Sentinel☆261Updated 3 weeks ago
- Additional resources to improve customer experience with Microsoft Defender for Identity☆113Updated 3 weeks ago
- PowerShell-based Automation of Defender for Endpoint☆176Updated 3 months ago
- A curated list of blogs, videos, tutorials, queries and anything else valuable to help you learn and master KQL and Microsoft Sentinel☆234Updated 2 years ago
- ☆21Updated last year
- ☆30Updated 10 months ago
- ☆59Updated last year
- Copilot for Security Tools☆16Updated last year
- ☆88Updated last year
- ☆35Updated last week
- Sample queries and data as part of the Microsoft Press book, The Definitive Guide to KQL☆269Updated last year
- KQL Queries. Microsoft Defender, Microsoft Sentinel☆181Updated 2 weeks ago