azure-sentinel
There are 33 repositories under azure-sentinel topic.
netevert/sentinel-attack
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
eshlomo1/Microsoft-Sentinel-SecOps
Microsoft Sentinel SOC Operations
briandelmsft/SentinelAutomationModules
The Microsoft Sentinel Triage AssistanT (STAT) makes it easy to create incident triage automation in Microsoft Sentinel
ashwin-patil/blue-teaming-with-kql
Repository with Sample KQL Query examples for Threat Hunting
noodlemctwoodle/pf-azure-sentinel
Parse pfSense/OPNSense logs using Logstash, GeoIP tag entities, add additional context to logs, then send to Azure Sentinel for analysis.
jostuffl/AzureSentinel_Stuff
A collection of things I've created or found that I think is useful for Azure Sentinel.
y0nil/kusto.blog
A technical blog about Kusto
austin-lai/Collection-of-Azure-Monitor-or-Sentinel-Kusto-Queries
Collection of Azure Monitor or Sentinel Kusto Queries
austin-lai/Collection-of-AzureSentinel-Playbook
Collection of Azure Sentinel - Playbook | Logic App (Template)
clouddrove/terraform-azure-sentinel
This terraform module is designed to create azure Sentinel resources. Microsoft Sentinel natively incorporates proven Azure services, like Log Analytics and Logic Apps. Microsoft Sentinel enriches your investigation and detection with AI. It provides Microsoft's threat intelligence stream and enables you to bring your own threat intelligence
hisashin0728/SentinelAzureOpenAI
Repository for Microsoft Sentinel / Azure Open AI exercises.
SvenAelterman/AzSentinel-syslogfwd-HA
Azure ARM (bicep) template for deploying a high availability syslog/CEF forwarder setup using Azure VMs.
Cyberproof/Azure-Sentinel-Logstash
A containerized Logstash ready to send data to Log Analytics or Event Hub
mtnmunuklu/AzureSentinelToExcel
This project is used to convert Azure Sentinel rules to Excel
gypthecat/maxmind-kusto
MaxMind Geo and ASN Data for Kusto
T13nn3s/microsoft
Microsoft related PowerShell scripts and KQL queries
austin-lai/Collection-of-AzureSentinel-AnalyticsRules-Template
Collection of Azure Sentinel - Analytics Rules (Template)
darvinpatel/sentinel-walkthrough
This repository provides a comprehensive guide and scripts for setting up and managing Microsoft Sentinel. It includes step-by-step instructions and automation tools for configuring Sentinel, integrating data sources, and creating security alerts and dashboards for enhanced threat detection.
FabianBorz01/KQL-queries
My KQL queries :) Feel free to use and improve them.
hisashin0728/AutoClosing-SAMPLEALERT-FromMDfC
AutoClosing-SAMPLEALERT-FromMDfC
hisashin0728/SentinelAzureOpenAIQueryCheck
This repository provides summarization of Scheduled Analytics Rules in Sentinel Incidents
McL0vinn/MicrosoftDefender-DiscordCNC
Threat-Hunting KQL query which identifies machines that utilize PowerShell, cmd or wmic to connect to any URL that includes "cdn.discordapp.com", where the action was initiated by a script execution (.vbs, .bat etc.)
McL0vinn/MicrosoftDefender-Kaseya_IOCs
Simple KQL query that can be run either in MD for Endpoint (Threat hunting or Custom indicator) or in Azure Sentinel (Threat hunting or analytics rule). It looks for 4 known IOCs related to the Kaseya attack
DrPwner/KQL-Manager
KQL Local Manager, allows you to manage and organize KQL Queries in a central Database.
miguel-pgomes/Azure-content
Azure related content
mlaraibkhan/az.sentinel-security-content
Microsoft Sentinel Custom Content
quantum-sec/terraform-azurerm-workbooks
Terraform modules for deploying and managing Azure workbooks.
darvinpatel/sentinelMap
This repository offers tools and scripts for mapping and visualizing Microsoft Sentinel data. It includes utilities for extracting, analyzing, and presenting security information from Sentinel, helping to create detailed security maps and dashboards for improved threat analysis.
epomatti/azure-sentinel
Sentinel capabilities implemented
hisashin0728/SentinelTeamsNotifyEnrichment
This repository provides notifications to Microsoft Teams via Adaptive Cards.
Jackmundo/sentinel4beginners
This project was designed to help beginners, or those new to MS Sentinel, set up their own small home lab on the free trial version (this can be done with the $200 credit provided by Microsoft)
joelst/Sentinel
Collection of Microsoft Sentinel scripts, queries, and knickknacks