SentinelOne Jupyter Notebooks
The following Jupyter notebooks were created to simplify interacting with the SentinelOne Console API. They are grouped by function: Management, Hunting and Investigations. These are still a work in progress; I'm still new to Jupyter notebooks and Pandas, so they may change as frequently as the SentinelOne API does ;)
Current Notebooks
- SentinelOne Management Notebook - Console, Agent, Policy and Exclusion information.
- SentinelOne Hunt Notebook - Threat investigation and Deep Visibility hunting.
- SentinelOne Investigate Notebook - Incident response/forensic notebook.
Planned Notebooks
- SentinelOne Automated Hunts - Creates saved Deep Visibility (DV) queries, executes them and exports the query data, then performs data review and output. (May need to be broken down by Tactics and Techniques.)