An open API service providing repository metadata for many open source software ecosystems.

GitHub topics: azure-sentinel

y0nil/kusto.blog

A technical blog about Kusto

Language: HTML - Size: 2.78 MB - Last synced at: 16 days ago - Pushed at: 16 days ago - Stars: 11 - Forks: 2

briandelmsft/SentinelAutomationModules

The Microsoft Sentinel Triage AssistanT (STAT) makes it easy to create incident triage automation in Microsoft Sentinel

Language: PowerShell - Size: 46.3 MB - Last synced at: about 8 hours ago - Pushed at: about 9 hours ago - Stars: 245 - Forks: 61

eshlomo1/Microsoft-Sentinel-SecOps

Microsoft Sentinel SOC Operations

Language: PowerShell - Size: 6.96 MB - Last synced at: 11 days ago - Pushed at: 10 months ago - Stars: 253 - Forks: 66

netevert/sentinel-attack

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

Size: 43 MB - Last synced at: about 19 hours ago - Pushed at: 6 months ago - Stars: 1,067 - Forks: 207

gypthecat/maxmind-kusto

MaxMind Geo and ASN Data for Kusto

Language: Shell - Size: 76.2 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 2 - Forks: 0

JimmyNur/azure-sentinel-detection-playbook

Azure Sentinel

Size: 13.7 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 0

jostuffl/AzureSentinel_Stuff

A collection of things I've created or found that I think is useful for Azure Sentinel.

Language: Jupyter Notebook - Size: 9.84 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 16 - Forks: 3

ashwin-patil/blue-teaming-with-kql

Repository with Sample KQL Query examples for Threat Hunting

Size: 21.6 MB - Last synced at: about 1 month ago - Pushed at: over 2 years ago - Stars: 209 - Forks: 36

danielecolon/Azure-Sentinel

Stop threats before they cause harm with an enterprise-wide security and monitoring service that presents a detailed overview of your organization across multiple clouds and on-premises locations.

Size: 1.5 MB - Last synced at: 9 days ago - Pushed at: 4 months ago - Stars: 0 - Forks: 0

SvenAelterman/AzSentinel-syslogfwd-HA 📦

Azure ARM (bicep) template for deploying a high availability syslog/CEF forwarder setup using Azure VMs.

Language: Bicep - Size: 29.3 KB - Last synced at: 3 days ago - Pushed at: over 3 years ago - Stars: 5 - Forks: 2

joelst/Sentinel

Collection of Microsoft Sentinel scripts, queries, and nicknacks

Language: PowerShell - Size: 91.8 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

clouddrove/terraform-azure-sentinel

This Terraform module is designed to create Azure Sentinel resources. Microsoft Sentinel natively incorporates proven Azure services, like Log Analytics and Logic Apps. Microsoft Sentinel enriches your investigation and detection with AI. It provides Microsoft's threat intelligence stream and enables you to bring your own threat intelligence.

Language: HCL - Size: 38.1 KB - Last synced at: 5 days ago - Pushed at: 6 months ago - Stars: 6 - Forks: 5

darvinpatel/sentinel-walkthrough

This repository provides a comprehensive guide and scripts for setting up and managing Microsoft Sentinel. It includes step-by-step instructions and automation tools for configuring Sentinel, integrating data sources, and creating security alerts and dashboards for enhanced threat detection.

Size: 54.1 MB - Last synced at: about 2 months ago - Pushed at: 8 months ago - Stars: 1 - Forks: 0

darvinpatel/sentinelMap

This repository offers tools and scripts for mapping and visualizing Microsoft Sentinel data. It includes utilities for extracting, analyzing, and presenting security information from Sentinel, helping to create detailed security maps and dashboards for improved threat analysis.

Language: PowerShell - Size: 61.2 MB - Last synced at: about 2 months ago - Pushed at: 8 months ago - Stars: 0 - Forks: 0

DrPwner/KQL-Manager

KQL Local Manager, allows you to manage and organize KQL Queries in a central Database.

Language: Python - Size: 13.7 KB - Last synced at: 8 months ago - Pushed at: 8 months ago - Stars: 0 - Forks: 0

epomatti/azure-sentinel

Sentinel capabilities implemented

Language: HCL - Size: 54.7 KB - Last synced at: 2 months ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 1

miguel-pgomes/Azure-content

Azure related content

Size: 3.91 KB - Last synced at: almost 2 years ago - Pushed at: about 2 years ago - Stars: 0 - Forks: 0

mlaraibkhan/az.sentinel-security-content

Microsoft Sentinel Custom Content

Language: Python - Size: 64.5 KB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 0 - Forks: 0

hisashin0728/SentinelAzureOpenAIQueryCheck

This repository provides summarization Schedule Analytics Rules in Sentinel Incident

Size: 16.6 KB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 0 - Forks: 0

hisashin0728/SentinelTeamsNotifyEnrichment

This Repository provides notification to Microsoft Teams by Adaptive Card.

Size: 34.2 KB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 0 - Forks: 0

hisashin0728/SentinelAzureOpenAI

Repository for Microsoft Sentinel / Azure OpenAI exercises.

Size: 298 KB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 2 - Forks: 1

noodlemctwoodle/pf-azure-sentinel 📦

Parse pfSense/OPNSense logs using Logstash, GeoIP tag entities, add additional context to logs, then send to Azure Sentinel for analysis.

Size: 1.23 MB - Last synced at: about 2 years ago - Pushed at: about 3 years ago - Stars: 25 - Forks: 5

quantum-sec/terraform-azurerm-workbooks

Terraform modules for deploying and managing Azure workbooks.

Language: HCL - Size: 56.6 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 1

hisashin0728/AutoClosing-SAMPLEALERT-FromMDfC

AutoClosing-SAMPLEALERT-FromMDfC

Size: 28.3 KB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 1 - Forks: 0

FabianBorz01/KQL-queries

My KQL queries :) Feel free to use and improve them.

Size: 8.79 KB - Last synced at: almost 2 years ago - Pushed at: over 2 years ago - Stars: 1 - Forks: 0

McL0vinn/MicrosoftDefender-DiscordCNC

Threat-Hunting KQL query which identifies machines that utilize PowerShell, cmd or wmic to connect to any URL that includes "cdn.discordapp.com", where the action was initiated by a script execution (.vbs, .bat etc.)

Size: 5.86 KB - Last synced at: 12 months ago - Pushed at: over 3 years ago - Stars: 1 - Forks: 0

T13nn3s/microsoft

Microsoft related PowerShell scripts and KQL queries

Language: PowerShell - Size: 25.4 KB - Last synced at: about 2 years ago - Pushed at: over 3 years ago - Stars: 2 - Forks: 0

McL0vinn/MicrosoftDefender-Kaseya_IOCs

Simple KQL query that can be run either in MD for Endpoint (Threat hunting or Custom indicator) or in Azure Sentinel (Threat hunting or analytics rule). It's looking for 4 known IOCs related to the Kaseya attack.

Size: 3.91 KB - Last synced at: 12 months ago - Pushed at: almost 4 years ago - Stars: 1 - Forks: 0