The Microsoft Sentinel Triage AssistanT (STAT) makes it easy to create incident triage automation in Microsoft Sentinel
Updated May 22, 2024 - PowerShell
This is a repository of Microsoft Sentinel / Azure Open AI exercises.
A collection of things I've created or found that I think is useful for Azure Sentinel.
This Terraform module is designed to create Azure Sentinel resources. Microsoft Sentinel natively incorporates proven Azure services, like Log Analytics and Logic Apps. Microsoft Sentinel enriches your investigation and detection with AI. It provides Microsoft's threat intelligence stream and enables you to bring your own threat intelligence.
Sentinel capabilities implemented
Microsoft Sentinel SOC Operations
Terraform modules for deploying and managing Azure workbooks.
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
This repository provides notifications to Microsoft Teams via Adaptive Cards.
This repository provides summarization of Scheduled Analytics Rules in Sentinel incidents.
AutoClosing-SAMPLEALERT-FromMDfC
A technical blog about Kusto
Azure related content
Repository with Sample KQL Query examples for Threat Hunting
Collection of Azure Monitor or Sentinel Kusto Queries
Collection of Azure Sentinel - Playbook | Logic App (Template)
Collection of Azure Sentinel - Analytics Rules (Template)