Accelerynt

Dallas, Texas

Pinned Repositories

AS-Add-Machine-Logon-Users-to-Incident
Add Microsoft Defender machine logon users to a Microsoft Sentinel incident comment
7 0 03
AS-Create-Opsgenie-Incident
Create an incident in Opsgenie with the information from a Microsoft Sentinel incident
30
AS-Import-AD-Group-Users-to-MS-Watchlist
This playbook is intended to be run on a schedule. It will add the users from a specified Azure Active Directory group to a Microsoft Sentinel watchlist.
6 0 00
AS-IP-Blocklist
Add IPs from Microsoft Sentinel Incidents to a Conditional Access Named Locations list
7 0 10
AS-Make-GitHub-Repository-Private
Look up the GitHub repositories associated with the Incident Account Entities and make them private
Language:JavaScript2 0 00
AS-PagerDuty-Integration
Integrates Microsoft Sentinel with PagerDuty
2 0 04
AS-Revoke-Azure-AD-User-Session-From-Incident
Revoke Entra ID user sessions from Microsoft Sentinel incidents
4 0 01
Azure-Sentinel
Cloud-native SIEM for intelligent security analytics for your entire enterprise.
Language:Jupyter Notebook3 1 02
Defender
Language:PowerShell0 0 00
Sentinel-Parsers
0 0 00

Accelerynt's Repositories

Accelerynt-Security/AS-Add-Machine-Logon-Users-to-Incident
Add Microsoft Defender machine logon users to a Microsoft Sentinel incident comment
7 0 03
Accelerynt-Security/AS-Revoke-Azure-AD-User-Session-From-Incident
Revoke Entra ID user sessions from Microsoft Sentinel incidents
4 0 01
Accelerynt-Security/Azure-Sentinel
Cloud-native SIEM for intelligent security analytics for your entire enterprise.
Language:Jupyter Notebook3 1 02
Accelerynt-Security/AS-Azure-AD-Group
Add accounts from Microsoft Sentinel incidents to an Azure AD Group
2 1 00
Accelerynt-Security/AS-Make-GitHub-Repository-Private
Look up the GitHub repositories associated with the Incident Account Entities and make them private
Language:JavaScript2 0 00
Accelerynt-Security/AS-Blob-Storage-Add-Domains-to-Zscaler-URL-Category
Maintain the values of a Zscaler URL category with Azure blob storage
1 0 0
Accelerynt-Security/AS-IAM-Entra-ID-Master-Playbook
Run two identity access management playbooks at once from a Microsoft Sentinel incident
1 0 11
Accelerynt-Security/AS-IAM-Master-Playbook
Run four identity access management playbooks at once from a Microsoft Sentinel incident
1 0 01
Accelerynt-Security/Zscaler-add-Domains-to-URL-Category
Extract domains from Microsoft Sentinel incidents and add them to a Zscaler custom URL category
1 0 00
Accelerynt-Security/Sentinel-Parsers
0 0 00
Accelerynt-Security/AS-Add-Azure-AD-User-Job-Title-to-Incident
Look up the Azure AD user accounts associated with the entities from Microsoft Sentinel incidents and add the Azure AD job titles in an Incident comment
Accelerynt-Security/AS-Armis-Integration
Integrates Microsoft Sentinel with Armis
0 0
Accelerynt-Security/AS-Block-GitHub-User
Block GitHub users from Microsoft Sentinel incidents
Language:JavaScript0 0
Accelerynt-Security/AS-Block-Hash-in-Defender
Block File Hashes found in Microsoft Sentinel Incidents in Defender
0 0
Accelerynt-Security/AS-Clear-Okta-Network-Zone-List
Clear out all but one of the IPs from an Okta Network Zone list
Accelerynt-Security/AS-Delete-App-Registration
Delete app registrations from Microsoft Sentinel incidents
0 0
Accelerynt-Security/AS-Disable-Azure-AD-User-From-Entity
Disable Azure AD user accounts from Microsoft Sentinel account entities
0 0
Accelerynt-Security/AS-Edgescan-Integration
Pull Edgescan assets, hosts, and vulnerabilities into Microsoft Sentinel custom logs
0 0
Accelerynt-Security/AS-Enable-Azure-AD-User-From-Entity
Enable Azure AD user accounts from Microsoft Sentinel account entities
0 0
Accelerynt-Security/AS-Incident-IP-Matched-on-Watchlist
Match Sentinel incident IPs with subnet values in a watchlist and add those matches in incident comments
0 0
Accelerynt-Security/AS-Incident-Response-Approval-Email
Facilitate incident response by sending an approval email to the manager(s) of the user(s) associated with a Microsoft Sentinel incident
0 01
Accelerynt-Security/AS-IP-Blocklist-Remove-IPs
Accelerynt-Security/AS-MDE-Isolate-Machine
0 0
Accelerynt-Security/AS-MDE-Unisolate-Machine
Accelerynt-Security/AS-Recurring-Host-Entity
Search Microsoft Sentinel Incident hosts in Sentinel SecurityAlert logs for other entities containing the same hosts
0 0
Accelerynt-Security/AS-Remove-Domains-from-Zscaler-URL-Category
Extract domains from Microsoft Sentinel incidents and remove them from a Zscaler custom URL category
0 0
Accelerynt-Security/AS-Revoke-Azure-AD-User-Session-From-Entity
Revoke Entra ID user sessions from Microsoft Sentinel entities
0 0
Accelerynt-Security/AS-Sign-Out-Google-User
Sign out Google users from Microsoft Sentinel incidents
Language:Python0 0
Accelerynt-Security/AS-Terminate-Okta-User-Session-From-Entity
Terminate an Okta user's session from a Microsoft Sentinel Entity
Accelerynt-Security/AS-Update-Okta-Network-Zone-From-Entity
Add IPs from Microsoft Sentinel Entities to an Okta Network Zone Blocklist
0 0