Pinned Repositories
Azure-Sentinel-CiscoUmbrella
Reworked assets for Azure Sentinel using Cisco Umbrella logs as source. Includes logstash config for Cisco Umbrella using Cisco managed AWS S3
Azure-Sentinel-Playbooks
Azure-TPot
Azure TPot Deployment
AzurePenTestScope
The following scripts and programs help security professionals scope their organization's Azure footprint prior to penetration testing.
Community-GuestConfiguration
The following guest configuration artifacts remove the initial authoring steps 1-4. The remaining steps are publishing the artifacts to your Azure subscription and registering the Azure Policy.
decks
This repo is for public slide decks that may be of interest.
Defender-for-Cloud-Alert-Reference
Defender for Cloud Alert Reference
kql
KQL query examples
Microsoft-Azure-SIEM-Pipeline
Here you will find architectures and configurations collected around sending alerts and logs from Microsoft and Azure platforms and products to third-party SIEMs.
PowerShell-Scripts
PowerShell scripts, snippets, and bare-minimum ideas
swiftsolves-msft's Repositories
swiftsolves-msft/PowerShell-Scripts
PowerShell scripts, snippets, and bare-minimum ideas
swiftsolves-msft/Defender-for-Cloud-Alert-Reference
Defender for Cloud Alert Reference
swiftsolves-msft/decks
This repo is for public slide decks that may be of interest.
swiftsolves-msft/Community-GuestConfiguration
The following guest configuration artifacts remove the initial authoring steps 1-4. The remaining steps are publishing the artifacts to your Azure subscription and registering the Azure Policy.
swiftsolves-msft/Azure-TPot
Azure TPot Deployment
swiftsolves-msft/mde
MDE miscellaneous stuff
swiftsolves-msft/Microsoft-Sentinel-ZScalerZIANSSCloud
swiftsolves-msft/Policy
Azure Policy
swiftsolves-msft/kql
KQL query examples
swiftsolves-msft/Microsoft-Azure-SIEM-Pipeline
Here you will find architectures and configurations collected around sending alerts and logs from Microsoft and Azure platforms and products to third-party SIEMs.
swiftsolves-msft/Azure-Analytics-and-AI-Engagement
Azure Analytics and AI Engagement
swiftsolves-msft/azure-docs
Open source documentation of Microsoft Azure
swiftsolves-msft/Azure-Network-Security
Resources for improving Customer Experience with Azure Network Security
swiftsolves-msft/Azure-Security-Center
Welcome to the Azure Security Center community repository
swiftsolves-msft/Azure-Sentinel
Cloud-native SIEM for intelligent security analytics for your entire enterprise.
swiftsolves-msft/CfS
Repo for storing sample prompts, prompt templates, promptbooks, plugin development, and all things explored with Copilot for Security
swiftsolves-msft/changeanalysis-webapp-storage-sample
Sample used in the Change Analysis documentation to view Azure web app and storage changes
swiftsolves-msft/Community-Policy
This repo is for Microsoft Azure customers and Microsoft teams to collaborate in making custom policies.
swiftsolves-msft/Copilot-For-Security
Microsoft Copilot for Security is a generative AI-powered security solution that helps increase the efficiency and capabilities of defenders to improve security outcomes at machine speed and scale, while remaining compliant with responsible AI principles.
swiftsolves-msft/Labs
Securing Azure Practice Lab Environments
swiftsolves-msft/LiveResponseToolsSync
swiftsolves-msft/LogicApps
Miscellaneous Logic Apps built
swiftsolves-msft/Microsoft-Sentinel-ZScalerZIANSSAMA
swiftsolves-msft/personal
Personal projects I am working on that are not Microsoft or security related.
swiftsolves-msft/RepositoriesSampleContent
swiftsolves-msft/SimuLand
Understand adversary tradecraft and improve detection strategies
swiftsolves-msft/Tanium
swiftsolves-msft/Threat-Protection-CWPP-MindMap
The tool linked below can be used to explore the core services and capabilities covered by Defender for Cloud's Cloud Workload Platform Protection (CWPP). While not exhaustive of every detection, it provides a mind map as a learning tool to explore each set of services covered under threat protection, along with capabilities with detailed notes and links to reference alerts, blogs, or scenarios written about them.
swiftsolves-msft/tpotce
🍯 T-Pot - The All In One Honeypot Platform 🐝
swiftsolves-msft/workshop-arc
Azure workshop using an E8s_v3 VM with nested Hyper-V running a DC, a file server, and Ubuntu. Can be used to create workshops involving hybrid scenarios for customers to test, such as Arc, Backups, ASR, OMS, and others.