Hunting-Queries-Detection-Rules
Hunting-Queries-Detection-Rules copied to clipboard

→

Metadata

KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

Reame
Issues

Results 1 Hunting-Queries-Detection-Rules issues

Sort by recently updated

Add monitoring for cloud break glass accounts

Hey there This detection rule would be able to detect if any activity is performed from a cloud break glass account. this helps to monitor any activities performed by these...

erikgruetter

About

KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

security

cybersecurity

infosec

sentinel

azure

threat-hunting

blueteam

dfir

misp

vulnerability-management

mde

defender-for-endpoint

kql

zero-day

mdi

1.0k

Stars

188

Forks

Watchers

Owner

Bert-JanP

← Metadata

1.0k

Stars

188

Forks

Watchers

Owner

Bert-JanP

Metadata

KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

Back

Hunting-Queries-Detection-Rules Hunting-Queries-Detection-Rules copied to clipboard

Metadata

Add monitoring for cloud break glass accounts

← Metadata

Owner

Metadata

Hunting-Queries-Detection-Rules
Hunting-Queries-Detection-Rules copied to clipboard