noodlemctwoodle / Sentinel-As-CodeLinks
An automation framework for deploying Microsoft Sentinel environments using pipelines. This project combines infrastructure-as-code (Bicep) with PowerShell automation to streamline the deployment of Sentinel solutions, analytics rules, and workbooks.
☆18Updated 3 months ago
Alternatives and similar repositories for Sentinel-As-Code
Users that are interested in Sentinel-As-Code are comparing it to the libraries listed below
Sorting:
- Ian Hanley's deceptively simple KQL queries.☆60Updated 2 weeks ago
- ☆53Updated 2 weeks ago
- This repository contains various public projects created by the owners of Hybrid Brothers☆21Updated last year
- ☆35Updated 2 years ago
- Sharing my KQL queries for Azure Sentinel☆188Updated 3 weeks ago
- ☆40Updated last week
- MDE Quickstart is a battle-tested MDE policy set designed to be restored with Intune Backup & Restore☆66Updated 2 years ago
- various tools for Microsoft Sentinel☆31Updated 4 months ago
- A collection of Microsoft Sentinel workbooks and analytics rules.☆110Updated last year
- Community project to classify, identify and protect your privileges based on Enterprise Access Model (EAM)☆185Updated last month
- Docs and samples for privileged identity and access management in Microsoft Azure and Microsoft Entra.☆174Updated 2 weeks ago
- Additional resources to improve customer experience with Microsoft Defender for Identity☆114Updated last month
- Defender for Endpoint☆17Updated last year
- ☆16Updated 2 months ago
- The Microsoft Sentinel Triage AssistanT (STAT) enables easy to create incident triage automation in Microsoft Sentinel☆265Updated last month
- Sentinel Analytics Rule converter PowerShell module☆65Updated 9 months ago
- Utilities for Microsoft Sentinel☆18Updated 4 months ago
- Sample queries and data as part of the Microsoft Press book, The Definitive Guide to KQL☆272Updated last year
- A curated list of blogs, videos, tutorials, queries and anything else valuable to help you learn and master KQL and Microsoft Sentinel☆234Updated 2 years ago
- ☆59Updated last year
- ☆88Updated last year
- Copilot for Security Tools☆16Updated last year
- Workbooks for Azure Sentinel☆60Updated 2 years ago
- ☆83Updated last month
- ☆19Updated last year
- Conditional Access baseline for March 2025☆12Updated 7 months ago
- Repository with Sentinel Analytics Rules, Hunting Queries and helpful external data sources.☆129Updated last week
- ☆36Updated last month
- KQL Queries. Microsoft Defender, Microsoft Sentinel☆182Updated last month
- This repo aims to help you decipher the UAL from a Digital Forensics & Incident Response (DFIR) perspective. The UAL is the Microsoft 365…☆61Updated last year