olafhartong / WDACme
A WDAC configuration repository with the sole intention of enriching MDE
☆27Updated last year
Related projects: ⓘ
- Automation around Entra ID☆33Updated 2 months ago
- ☆20Updated this week
- ☆40Updated 11 months ago
- ☆29Updated last year
- Sharing presentation slides and workbook templates that can be useful to others to learn more about Azure Active Directory!☆20Updated 3 weeks ago
- ☆68Updated last year
- Sentinel BEC IR☆15Updated 2 years ago
- ☆48Updated last year
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form☆93Updated 2 months ago
- REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.☆29Updated 4 months ago
- A list of Entra ID (Azure AD) Audit event names and the corresponding Microsoft Graph Request Uri☆25Updated 3 weeks ago
- ☆13Updated last year
- ☆40Updated last year
- The Invoke-TrimarcADChecks.ps1 PowerShell script is designed to gather data from a single domain AD forest based on our similar checks pe…☆35Updated last year
- A few scripts I put together to send and receive data from an Azure Log Analytics workspace leveraging the Azure Monitor HTTP Data Collec…☆23Updated last year
- ☆39Updated 3 years ago
- ☆13Updated this week
- Misc. content for Microsoft Sentinel☆16Updated 5 months ago
- Collection of Microsoft Identity Threat Detection and Response resources.☆31Updated 2 weeks ago
- Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defe…☆35Updated 3 years ago
- ☆25Updated 3 weeks ago
- Azure Sentinel Template parser☆15Updated 3 years ago
- Azure AD Incident Response☆24Updated 2 years ago
- Presentations from Conferences☆25Updated this week
- ☆25Updated this week
- MS Entra ID Protection Guidance☆20Updated 5 months ago
- GitHub action for validating Microsoft Sentinel detection rules☆11Updated last year
- ☆14Updated 3 years ago
- Links and guidance related to the return on mitigation report in the Microsoft Digital Defense Report☆27Updated 11 months ago
- This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deployin…☆15Updated last year