Hunting queries and detections
Updated
Apr 4, 2024
Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant
Add-on to onboard telemetry data via Microsoft Defender ATP hunting API in Splunk (ES)
A PowerShell module to interact with Microsoft's Defender for Endpoint API.
Deploy Microsoft Defender Endpoint for Linux with Ansible
Defender for Endpoint Advanced Hunting Queries
Custom-made query which you can run in your Microsoft Defender Advanced Hunting tool to look for network activity related to Egregor ransomware.
Use KQG and generate Kusto scripts | Used with Defender ATP
Config files for my GitHub profile.
PowerShell for Threat Management Explorer