You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Kusto Query Language is a powerful tool to explore your data and discover patterns, identify anomalies and outliers, create statistical modeling, and more. The query uses schema entities that are organized in a hierarchy similar to SQLs: databases, tables, and columns
The SOC Entity Triage workbook is designed to enhance the triage process for security operation centers (SOCs) by providing a comprehensive and interactive analysis tool within Azure Sentinel. This workbook aims to streamline the investigation of entities such as IP addresses, hostnames, AD users, and email accounts,.
This repository contains a selection of Kusto Query Language (KQL) queries designed for proactive threat hunting. Aligned with the MITRE ATT&CK framework, these queries are crafted to detect and address potential threats effectively.
The Powershell script in this repository is responsible for parsing out Windows Event Log information for failed RDP attacks and using a third party API to collect geographic information about the attackers location.
This project aims on Cost savings to Azure consumers by identifying Unused or Idle Resources with Azure Cost Optimization best practices. Costly resources such as Application Gateway