GitHub / Accelerynt-Security 8 Repositories
Accelerynt-Security/AS-Okta-NetworkZoneUpdate
Add IPs from Microsoft Sentinel Incidents to an Okta Network Zone Blocklist
Size: 1 MB - Last synced at: 15 days ago - Pushed at: 15 days ago - Stars: 0 - Forks: 0
Accelerynt-Security/Azure-Sentinel Fork of Azure/Azure-Sentinel
Cloud-native SIEM for intelligent security analytics for your entire enterprise.
Language: Python - Size: 7.96 GB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 3 - Forks: 2
Accelerynt-Security/AS-Enable-Azure-AD-User-From-Entity
Enable Azure AD user accounts from Microsoft Sentinel account entities
Size: 2.33 MB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 0 - Forks: 0
Accelerynt-Security/AS-Disable-Azure-AD-User-From-Entity
Disable Azure AD user accounts from Microsoft Sentinel account entities
Size: 2.81 MB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 0 - Forks: 0
Accelerynt-Security/AS-Microsoft-DCR-Log-Ingestion
Pull in logs from Microsoft Graph SignIn, Audit, and Microsoft Office activity
Language: PowerShell - Size: 9.33 MB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 0 - Forks: 0
Accelerynt-Security/AS-Revoke-Azure-AD-User-Session-From-Entity
Revoke Entra ID user sessions from Microsoft Sentinel entities
Size: 3.37 MB - Last synced at: 12 months ago - Pushed at: 12 months ago - Stars: 0 - Forks: 0
Accelerynt-Security/AS-Revoke-Azure-AD-User-Session-From-Incident
Revoke Entra ID user sessions from Microsoft Sentinel incidents
Size: 1.92 MB - Last synced at: 12 months ago - Pushed at: 12 months ago - Stars: 4 - Forks: 1
Accelerynt-Security/AS-IAM-Master-Playbook
Run four identity access management playbooks at once from a Microsoft Sentinel incident
Size: 5.13 MB - Last synced at: 12 months ago - Pushed at: 12 months ago - Stars: 1 - Forks: 1
Accelerynt-Security/AS-IAM-Entra-ID-Master-Playbook
Run two identity access management playbooks at once from a Microsoft Sentinel incident
Size: 3.57 MB - Last synced at: 12 months ago - Pushed at: 12 months ago - Stars: 1 - Forks: 1
Accelerynt-Security/AS-Clear-Okta-Network-Zone-List
Clear out all but one of the IPs from an Okta Network Zone list
Size: 856 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0
Accelerynt-Security/AS-MDE-Isolate-Machine
Size: 1.07 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0
Accelerynt-Security/AS-IP-Blocklist-Remove-IPs
Size: 2.08 MB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0
Accelerynt-Security/Sentinel-Parsers
Size: 3.91 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0
Accelerynt-Security/AS-Update-Okta-Network-Zone-From-Entity
Add IPs from Microsoft Sentinel Entities to an Okta Network Zone Blocklist
Size: 841 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0
Accelerynt-Security/AS-Recurring-Host-Entity
Search Microsoft Sentinel Incident hosts in Sentinel SecurityAlert logs for other entities containing the same hosts
Size: 840 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0
Accelerynt-Security/AS-Terminate-Okta-User-Session-From-Entity
Terminate an Okta user's session from a Microsoft Sentinel Entity
Size: 674 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0
Accelerynt-Security/AS-Block-Hash-in-Defender
Block File Hashes found in Microsoft Sentinel Incidents in Defender
Size: 2.37 MB - Last synced at: about 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0
Accelerynt-Security/AS-Sign-Out-Google-User
Sign out Google users from Microsoft Sentinel incidents
Language: Python - Size: 2.99 MB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0
Accelerynt-Security/AS-Add-Azure-AD-User-Job-Title-to-Incident
Look up the Azure AD user accounts associated with the entities from Microsoft Sentinel incidents and add the Azure AD job titles in an Incident comment
Size: 819 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0
Accelerynt-Security/AS-Make-GitHub-Repository-Private
Look up the GitHub repositories associated with the Incident Account Entities and make them private
Language: JavaScript - Size: 2.35 MB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 0 - Forks: 0
Accelerynt-Security/AS-Block-GitHub-User
Block GitHub users from Microsoft Sentinel incidents
Language: JavaScript - Size: 2.12 MB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 1 - Forks: 0
Accelerynt-Security/Zscaler-add-Domains-to-URL-Category
Extract domains from Microsoft Sentinel incidents and add them to a Zscaler custom URL category
Size: 3.05 MB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 1 - Forks: 0
Accelerynt-Security/AS-Remove-Domains-from-Zscaler-URL-Category
Extract domains from Microsoft Sentinel incidents and remove them from a Zscaler custom URL category
Size: 2.12 MB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 0 - Forks: 0
Accelerynt-Security/AS-Incident-IP-Matched-on-Watchlist
Match Sentinel incident IPs with subnet values in a watchlist and add those matches in incident comments
Size: 1.09 MB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 0 - Forks: 0
Accelerynt-Security/AS-Delete-App-Registration
Delete app registrations from Microsoft Sentinel incidents
Size: 1.97 MB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 0 - Forks: 0
Accelerynt-Security/AS-Incident-Response-Approval-Email
Facilitate incident response by sending an approval email to the manager(s) of the user(s) associated with a Microsoft Sentinel incident
Size: 1.91 MB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 0 - Forks: 1
Accelerynt-Security/AS-Add-Machine-Logon-Users-to-Incident
Add Microsoft Defender machine logon users to a Microsoft Sentinel incident comment
Size: 1.51 MB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 6 - Forks: 2
Accelerynt-Security/AS-Edgescan-Integration
Pull Edgescan assets, hosts, and vulnerabilities into Microsoft Sentinel custom logs
Size: 1.33 MB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 0 - Forks: 0
Accelerynt-Security/AS-Incident-Account-Spiderfoot-Scan
Run Spiderfoot scans on account entities from Microsoft Sentinel incidents
Size: 1.34 MB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 0 - Forks: 0
Accelerynt-Security/AS-Create-Opsgenie-Incident
Create an incident in Opsgenie with the information from a Microsoft Sentinel incident
Size: 724 KB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 0 - Forks: 0
Accelerynt-Security/AS-Okta-Terminate-User-Sessions
Match Okta users against the account entities on a Microsoft Sentinel incident and terminate all sessions of the matched users in Okta
Size: 396 KB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 1 - Forks: 0
Accelerynt-Security/AS-IP-Blocklist
Add IPs from Microsoft Sentinel Incidents to a Conditional Access Named Locations list
Size: 2.34 MB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 5 - Forks: 0
Accelerynt-Security/AS-Incident-Host-Exposure-Level
Add comments containing Microsoft Defender exposure level to Microsoft Sentinel incidents
Size: 851 KB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 0 - Forks: 1
Accelerynt-Security/AS-Import-AD-Group-Users-to-MS-Watchlist
This playbook is intended to be run on a schedule. It will add the users from a specified Azure Active Directory group to a Microsoft Sentinel watchlist.
Size: 2.46 MB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 4 - Forks: 0
Accelerynt-Security/Guardicore-ThreatIntel
Size: 658 KB - Last synced at: about 2 years ago - Pushed at: about 3 years ago - Stars: 1 - Forks: 0
Accelerynt-Security/AS-Azure-AD-Group
Add accounts from Microsoft Sentinel incidents to an Azure AD Group
Size: 516 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 1 - Forks: 0
Accelerynt-Security/Edgescan-AzureSentinel-Integration
Size: 1.15 MB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 3 - Forks: 2
Accelerynt-Security/AS-Compromised-Machine-Tagging
Tag machines in Microsoft Defender from a Microsoft Sentinel Incident
Size: 751 KB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 0 - Forks: 0
Accelerynt-Security/AS-PagerDuty-Integration
Integrates Microsoft Sentinel with PagerDuty
Size: 1.08 MB - Last synced at: about 2 years ago - Pushed at: about 3 years ago - Stars: 1 - Forks: 2
Accelerynt-Security/AS-Analytics
Size: 13.7 KB - Last synced at: about 2 years ago - Pushed at: almost 3 years ago - Stars: 0 - Forks: 0
Accelerynt-Security/AS-Teams-Integration
Integrates Microsoft Sentinel with Teams
Size: 594 KB - Last synced at: about 2 years ago - Pushed at: almost 3 years ago - Stars: 0 - Forks: 0
Accelerynt-Security/AS-Domain-Watchlist
Size: 529 KB - Last synced at: about 2 years ago - Pushed at: about 3 years ago - Stars: 1 - Forks: 0
Accelerynt-Security/Guardicore-Import-Assets
Size: 1.24 MB - Last synced at: about 2 years ago - Pushed at: about 3 years ago - Stars: 1 - Forks: 0
Accelerynt-Security/Guardicore-Import-Incidents
Size: 997 KB - Last synced at: about 2 years ago - Pushed at: about 3 years ago - Stars: 0 - Forks: 0
Accelerynt-Security/AS-Slack-Integration
Integrates Microsoft Sentinel with Slack
Size: 1.35 MB - Last synced at: about 2 years ago - Pushed at: about 3 years ago - Stars: 0 - Forks: 1
Accelerynt-Security/Defender
Language: PowerShell - Size: 5.86 KB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 0 - Forks: 0
Accelerynt-Security/Multitool-Extension
Language: JavaScript - Size: 1.14 MB - Last synced at: about 2 years ago - Pushed at: over 4 years ago - Stars: 0 - Forks: 0