rinure-msft / Azure-Sentinel
Cloud-native SIEM for intelligent security analytics for your entire enterprise.
☆19 · Updated last year

Related projects
Alternatives and complementary repositories for Azure-Sentinel
- Microsoft Threat Protection Advance Hunting Cheat Sheet (☆78 · Updated 4 years ago)
- Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defe… (☆36 · Updated 3 years ago)
- Ingesting Shodan Monitor Alerts to Microsoft Sentinel (☆33 · Updated last year)
- A few scripts I put together to send and receive data from an Azure Log Analytics workspace leveraging the Azure Monitor HTTP Data Collec… (☆23 · Updated last year)
- Links and guidance related to the return on mitigation report in the Microsoft Digital Defense Report (☆27 · Updated last year)
- Solution to deploy a Sentinel playground demo environment (☆54 · Updated last year)
- KQL queries for cyber defense and for solving daily issues (☆43 · Updated 3 weeks ago)
- Advanced Hunting Queries for Microsoft Security Products (☆106 · Updated last year)
- (no description) (☆70 · Updated 3 weeks ago)
- The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects… (☆38 · Updated 4 years ago)
- (no description) (☆53 · Updated 3 months ago)
- (no description) (☆29 · Updated this week)
- ADXFlowmaster helps SecOps teams threat hunt suspicious network traffic inside and outside of Azure. (☆25 · Updated last week)
- Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs (☆51 · Updated last year)
- (no description) (☆14 · Updated 3 years ago)
- Various tools used to monitor and troubleshoot Azure Sentinel data (☆29 · Updated 2 weeks ago)
- Jupyter notebooks (☆22 · Updated 4 years ago)
- Conference presentations (☆47 · Updated last year)
- (no description) (☆30 · Updated last year)
- (no description) (☆44 · Updated this week)
- Collection of Microsoft Identity Threat Detection and Response resources. (☆34 · Updated last week)
- A collection of ARM-based detections for Azure/AzureAD based TTPs (☆80 · Updated 11 months ago)
- A collection of scripts and works related to Azure Sentinel (☆41 · Updated 2 years ago)
- Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS Terraform support. (☆125 · Updated 2 years ago)
- A lab environment for learning about MSTICPy (☆36 · Updated last year)
- (no description) (☆13 · Updated 3 years ago)
- Repository to publish sample use cases, templates, solutions, automations for Microsoft Defender Threat Intelligence (MDTI) product (☆77 · Updated 2 months ago)
- A guide to using Azure Data Explorer and KQL for DFIR (☆96 · Updated 2 years ago)