7 results found
Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language).
Created 2020-11-02
22 commits to main branch, last one 9 months ago
A repository of KQL queries focused on threat hunting and threat detection for Microsoft Sentinel & Microsoft XDR (formerly Microsoft 365 Defender).
Created 2022-07-19
329 commits to main branch, last one 15 days ago
Microsoft Sentinel SOC Operations
Created 2020-02-27
368 commits to master branch, last one 2 months ago
The Microsoft Sentinel Triage AssistanT (STAT) makes it easy to create incident triage automation in Microsoft Sentinel.
Created 2021-10-13
712 commits to main branch, last one about a month ago
In this repository you may find KQL (Kusto Query Language) queries and Watchlist schemas for data sources related to Microsoft Sentinel (a SIEM tool).
Created 2022-07-19
1,678 commits to main branch, last one 2 days ago
A collection of various SIEM rules relating to malware family groups.
Created 2022-12-05
52 commits to master branch, last one 3 months ago
Ian Hanley's deceptively simple KQL queries.
Created 2023-04-29
129 commits to Main branch, last one about a month ago