Bert-JanP/Hunting-Queries-Detection-Rules

KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

PythonBSD-3-Clause

Issues

Defender For Cloud Apps /MITREBehaviors.md cannot pull from Behaviorinfo/BehaviorEntities tables
#47 opened 7 months ago by verdensdalle
1
Microsoft Defender Issue
#43 opened 8 months ago by taremooo
1
geo_info_from_ip_address not available in MDE AH
#17 opened a year ago by mezzofix
1
custom rules fails to decode base64 encoded string
#14 opened a year ago by mezzofix
3
Azure
#12 opened 2 years ago by dazeez
2