GitHub topics: azure-sentinel
y0nil/kusto.blog
A technical blog about Kusto
Language: HTML - Size: 2.78 MB - Last synced at: 16 days ago - Pushed at: 16 days ago - Stars: 11 - Forks: 2
briandelmsft/SentinelAutomationModules
The Microsoft Sentinel Triage AssistanT (STAT) enables easy to create incident triage automation in Microsoft Sentinel
Language: PowerShell - Size: 46.3 MB - Last synced at: about 8 hours ago - Pushed at: about 9 hours ago - Stars: 245 - Forks: 61
eshlomo1/Microsoft-Sentinel-SecOps
Microsoft Sentinel SOC Operations
Language: PowerShell - Size: 6.96 MB - Last synced at: 11 days ago - Pushed at: 10 months ago - Stars: 253 - Forks: 66
netevert/sentinel-attack
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Size: 43 MB - Last synced at: about 19 hours ago - Pushed at: 6 months ago - Stars: 1,067 - Forks: 207
gypthecat/maxmind-kusto
MaxMind Geo and ASN Data for Kusto
Language: Shell - Size: 76.2 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 2 - Forks: 0
JimmyNur/azure-sentinel-detection-playbook
Azure Sentinel
Size: 13.7 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 0
jostuffl/AzureSentinel_Stuff
A collection of things I've created or found that I think is useful for Azure Sentinel.
Language: Jupyter Notebook - Size: 9.84 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 16 - Forks: 3
ashwin-patil/blue-teaming-with-kql
Repository with Sample KQL Query examples for Threat Hunting
Size: 21.6 MB - Last synced at: about 1 month ago - Pushed at: over 2 years ago - Stars: 209 - Forks: 36
danielecolon/Azure-Sentinel
Stop threats before they cause harm with an enterprise-wide security and monitoring service that presents a detailed overview of your organization across multiple clouds and on-premises locations.
Size: 1.5 MB - Last synced at: 9 days ago - Pushed at: 4 months ago - Stars: 0 - Forks: 0
SvenAelterman/AzSentinel-syslogfwd-HA 📦
Azure ARM (bicep) template for deploying a high availability syslog/CEF forwarder setup using Azure VMs.
Language: Bicep - Size: 29.3 KB - Last synced at: 3 days ago - Pushed at: over 3 years ago - Stars: 5 - Forks: 2
joelst/Sentinel
Collection of Microsoft Sentinel scripts, queries, and nicknacks
Language: PowerShell - Size: 91.8 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0
clouddrove/terraform-azure-sentinel
This terraform module is designed to create azure Sentinel resources. Microsoft Sentinel natively incorporates proven Azure services, like Log Analytics and Logic Apps. Microsoft Sentinel enriches your investigation and detection with AI. It provides Microsoft's threat intelligence stream and enables you to bring your own threat intelligence
Language: HCL - Size: 38.1 KB - Last synced at: 5 days ago - Pushed at: 6 months ago - Stars: 6 - Forks: 5
darvinpatel/sentinel-walkthrough
This repository provides a comprehensive guide and scripts for setting up and managing Microsoft Sentinel. It includes step-by-step instructions and automation tools for configuring Sentinel, integrating data sources, and creating security alerts and dashboards for enhanced threat detection.
Size: 54.1 MB - Last synced at: about 2 months ago - Pushed at: 8 months ago - Stars: 1 - Forks: 0
darvinpatel/sentinelMap
This repository offers tools and scripts for mapping and visualizing Microsoft Sentinel data. It includes utilities for extracting, analyzing, and presenting security information from Sentinel, helping to create detailed security maps and dashboards for improved threat analysis.
Language: PowerShell - Size: 61.2 MB - Last synced at: about 2 months ago - Pushed at: 8 months ago - Stars: 0 - Forks: 0
DrPwner/KQL-Manager
KQL Local Manager, allows you to manage and organize KQL Queries in a central Database.
Language: Python - Size: 13.7 KB - Last synced at: 8 months ago - Pushed at: 8 months ago - Stars: 0 - Forks: 0
epomatti/azure-sentinel
Sentinal capabilities implemented
Language: HCL - Size: 54.7 KB - Last synced at: 2 months ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 1
miguel-pgomes/Azure-content
Azure related content
Size: 3.91 KB - Last synced at: almost 2 years ago - Pushed at: about 2 years ago - Stars: 0 - Forks: 0
mlaraibkhan/az.sentinel-security-content
Microsoft Sentinel Custom Content
Language: Python - Size: 64.5 KB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 0 - Forks: 0
hisashin0728/SentinelAzureOpenAIQueryCheck
This repository provides summarization Schedule Analytics Rules in Sentinel Incident
Size: 16.6 KB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 0 - Forks: 0
hisashin0728/SentinelTeamsNotifyEnrichment
This Repository provides notification to Microsoft Teams by Adaptive Card.
Size: 34.2 KB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 0 - Forks: 0
hisashin0728/SentinelAzureOpenAI
Microsoft Sentinel / Azure Open AI 演習のレポジトリです。
Size: 298 KB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 2 - Forks: 1
noodlemctwoodle/pf-azure-sentinel 📦
Parse pfSense/OPNSense logs using Logstash, GeoIP tag entities, add additional context to logs, then send to Azure Sentinel for analysis.
Size: 1.23 MB - Last synced at: about 2 years ago - Pushed at: about 3 years ago - Stars: 25 - Forks: 5
quantum-sec/terraform-azurerm-workbooks
Terraform modules for deploying and managing Azure workbooks.
Language: HCL - Size: 56.6 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 1
hisashin0728/AutoClosing-SAMPLEALERT-FromMDfC
AutoClosing-SAMPLEALERT-FromMDfC
Size: 28.3 KB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 1 - Forks: 0
FabianBorz01/KQL-queries
My KQL queries :) Feel free to use and improve them.
Size: 8.79 KB - Last synced at: almost 2 years ago - Pushed at: over 2 years ago - Stars: 1 - Forks: 0
McL0vinn/MicrosoftDefender-DiscordCNC
Threat-Hunting KQL query which identifies machines that utilize powershell, cmd or wmic to connect to any URL that includes “cdn.discordapp.com” ,where the action was initiated by a script execution ( .vbs , .bat etc)
Size: 5.86 KB - Last synced at: 12 months ago - Pushed at: over 3 years ago - Stars: 1 - Forks: 0
T13nn3s/microsoft
Microsoft related PowerShell scripts and KQL queries
Language: PowerShell - Size: 25.4 KB - Last synced at: about 2 years ago - Pushed at: over 3 years ago - Stars: 2 - Forks: 0
McL0vinn/MicrosoftDefender-Kaseya_IOCs
Simple KQL query that can be run either in MD for Endpoint (Threat hunting or Custom indicator) or in Azure Sentinel (Threat hunting or analytics rule).It's looking for 4 known IOCs related to the Kaseya attack
Size: 3.91 KB - Last synced at: 12 months ago - Pushed at: almost 4 years ago - Stars: 1 - Forks: 0