Microsoft Sentinel rules for Azure CIS Benchmark Ver.1.4.0
Updated Jun 2, 2023
This workspace contains all the code (ARM templates and PowerShell) referenced inside my Medium article about the Sentinel Workspace Manager.
Pull Edgescan assets, hosts, and vulnerabilities into Microsoft Sentinel custom logs
Disable Azure AD user accounts from Microsoft Sentinel account entities
Tag machines in Microsoft Defender from a Microsoft Sentinel Incident
Azure Active Directory Identity Protection Custom Rule for Microsoft Sentinel
This repository is a sample template for notifying Microsoft Teams of Microsoft Sentinel incidents.
Add IPs from Microsoft Sentinel Incidents to an Okta Network Zone Blocklist
Disable Azure AD user accounts from Microsoft Sentinel incidents
Enable Azure AD user accounts from Microsoft Sentinel incidents
Content supporting the Microsoft hands-on at DSAG Technology Days March 2023
Revoke Entra ID user sessions from Microsoft Sentinel entities
Block File Hashes found in Microsoft Sentinel Incidents in Defender
Microsoft Sentinel fork of Adaz 🔧 Deploy customizable Active Directory labs in Azure - automatically.
App to ingest Threat Intelligence (TI) into a Firewall
Block GitHub users from Microsoft Sentinel incidents
This repository provides summarization Schedule Analytics Rules in Sentinel Incident
Use dnstwist to monitor for lookalike domains and send logs to Azure Log Analytics
Enable Azure AD user accounts from Microsoft Sentinel account entities