azure-sentinel topic

Repositories tagged azure-sentinel (stars and forks as shown on the listing; watcher counts were not captured):

sentinel-attack (1.0k stars, 207 forks)
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK.

Microsoft-Sentinel-SecOps (231 stars, 61 forks)
Microsoft Sentinel SOC operations.

blue-teaming-with-kql (193 stars, 37 forks)
Repository with sample KQL query examples for threat hunting.

pf-azure-sentinel (30 stars, 6 forks)
Parse pfSense/OPNsense logs using Logstash, GeoIP-tag entities, add additional context to the logs, then send them to Azure Sentinel for analysis.

Sentinel_KQL (97 stars, 20 forks)
KQL (Kusto Query Language) queries and Watchlist schemas for data sources related to Microsoft Sentinel (a SIEM tool).

SentinelAutomationModules (203 stars, 56 forks)
The Microsoft Sentinel Triage AssistanT (STAT) makes it easy to create incident triage automation in Microsoft Sentinel.