Skip to content

abdulcybersec/Hunting-Queries-Detection-Rules-

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
BitLocker-Key
BitLocker-Key
 
 
Email Events
Email Events
 
 
OfficeActivity
OfficeActivity
 
 
README.md
README.md
 
 
Security Event
Security Event
 
 

Repository files navigation

KQL Queries for Defender XDR, Microsoft Sentinel, and Other Microsoft Solutions

This repository aims to provide accessible KQL queries for a broad audience. These queries are designed to enhance detection capabilities within the logs of Microsoft Security products. While not all suspicious activities trigger alerts by default, many can be detected through log analysis. The repository includes Detection Rules, Hunting Queries, and Visualizations. Users are encouraged to leverage these queries to improve their security posture.

About

KQL Queries. Microsoft Defender, Microsoft Sentinel

www.linkedin.com/in/abdul-mujeeb-116215171?utm_source=share&utm_campaign=share_via&utm_content=profile&utm_medium=ios_app

Topics

azure sentinel defender kql

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published