Tag machines in Microsoft Defender from a Microsoft Sentinel Incident
Updated Sep 29, 2022
Simple KQL query that can be run either in MD for Endpoint (Threat hunting or Custom indicator) or in Azure Sentinel (Threat hunting or analytics rule). It looks for 4 known IOCs related to the Kaseya attack.
Parser for Microsoft Defender real-time protection statistics
This repository provides a detection rule for when the state of a Microsoft Defender for Cloud recommendation is changed to "Unhealthy".
Technical DevOps recipes for a Production Grade Datacenter in Microsoft Azure
Microsoft related PowerShell scripts and KQL queries
Azure Virtual Machine (VM) with Just-in-Time access
Automated Migration from 3rd party AV to Microsoft Defender AV
Company Profile
This tool is a batch file to restore all quarantined items from the "Quarantine" folder of Microsoft Defender.
Install Microsoft Defender for Identity on Windows Server Core and remove Microsoft Advanced Threat Analytics, if it is present.
This article is about Microsoft Defender for Cloud Apps, exploring its functionalities and practical use cases to illuminate how it fortifies cloud security.
Stardust is a dashboard linked to Nmap, Jira, Microsoft Defender (partially) & Graph, made to monitor computers' health, in C#/ASP.NET & BlazorServer.
WindowsNinja - Unleash the Power of Windows System Information Gathering! 🖥️🕵️✨ Harness the capabilities of WindowsNinja to silently gather detailed information about your Windows system. Analyze your system's defenses, expose configurations. 🕵️♂️💻 Dive into the depths of your Windows environment with WindowsNinja.
Adapted from https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/linux-install-with-puppet
Block File Hashes found in Microsoft Sentinel Incidents in Defender
Add comments containing Microsoft Defender exposure level to Microsoft Sentinel incidents
Advanced Interactive Security Workshop
Deploy Microsoft Defender Endpoint for Linux with Ansible
Everything about Microsoft Cloud Security!