Copilot-For-Security icon indicating copy to clipboard operation
Copilot-For-Security copied to clipboard
verified publisher icon Azure

IOC Query Builder and ASR Custom Plugins

Open alfonso-greenbrook opened this issue 1 year ago • 3 comments

Two custom plugins:

  1. GPT - IOC query builder (just KQL for now, but scope to extend to other SIEM query languages).
  2. KQL - Summary of ASR rules based on DeviceEvents table.

alfonso-greenbrook avatar Sep 04 '24 19:09 alfonso-greenbrook

@KwachSean another 2 plugins for review.

alfonso-greenbrook avatar Sep 04 '24 19:09 alfonso-greenbrook

@alfonso-greenbrook provide sample prompts to use the plugin

KwachSean avatar Oct 24 '24 09:10 KwachSean

Have added example prompts to both readme.md and .yaml files.

alfonso-greenbrook avatar Nov 15 '24 00:11 alfonso-greenbrook