rinure-msft / Azure-Sentinel
Cloud-native SIEM for intelligent security analytics for your entire enterprise.
☆19 · Updated last year

Related projects

Alternatives and complementary repositories for Azure-Sentinel
- Microsoft Threat Protection Advance Hunting Cheat Sheet · ☆78 · Updated 4 years ago
- Solution to deploy a Sentinel playground demo environment · ☆55 · Updated last year
- Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defe… · ☆36 · Updated 3 years ago
- A few scripts I put together to send and receive data from an Azure Log Analytics workspace leveraging the Azure Monitor HTTP Data Collec… · ☆23 · Updated last year
- ☆43 · Updated last month
- Content Repo for Demystifying KQL Tutorial Series · ☆65 · Updated 2 months ago
- Links and guidance related to the return on mitigation report in the Microsoft Digital Defense Report · ☆27 · Updated last year
- A curated list of awesome threat detection and hunting resources · ☆16 · Updated 6 years ago
- Personal repo for messing with scripts · ☆25 · Updated 3 years ago
- ☆53 · Updated 4 months ago
- Presentations · ☆17 · Updated 2 years ago
- The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects… · ☆38 · Updated 4 years ago
- ☆29 · Updated last week
- KQL queries for cyber defense and for solving daily issues · ☆43 · Updated last month
- ☆70 · Updated last month
- ☆40 · Updated 3 years ago
- Conference presentations · ☆47 · Updated last year
- ☆14 · Updated 3 years ago
- ADXFlowmaster helps SecOps teams threat hunt suspicious network traffic inside and outside of Azure. · ☆27 · Updated 3 weeks ago
- ☆30 · Updated last year
- Advanced Hunting Queries for Microsoft Security Products · ☆106 · Updated last year
- Cyber defence related Kusto queries for use in Azure Sentinel and Defender advanced hunting · ☆57 · Updated 3 weeks ago
- A collection of ARM-based detections for Azure/Azure AD based TTPs · ☆80 · Updated 11 months ago
- ☆41 · Updated 7 months ago
- Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs · ☆51 · Updated last year
- Azure AD Incident Response · ☆24 · Updated 3 years ago
- Ingesting Shodan Monitor Alerts to Microsoft Sentinel · ☆33 · Updated last year
- A guide to using Azure Data Explorer and KQL for DFIR · ☆96 · Updated 2 years ago