This workspace contains all the code (ARM templates and PowerShell) referenced inside my Medium article about the Sentinel Workspace Manager.
Updated Jun 12, 2023 - PowerShell
Pull Edgescan assets, hosts, and vulnerabilities into Microsoft Sentinel custom logs
Disable Azure AD user accounts from Microsoft Sentinel account entities
Microsoft Sentinel rules for Azure CIS Benchmark Ver.1.4.0
Extract domains from Microsoft Sentinel incidents and add them to a Zscaler custom URL category
Azure Active Directory Identity Protection Custom Rule for Microsoft Sentinel
Disable Azure AD user accounts from Microsoft Sentinel incidents
Enable Azure AD user accounts from Microsoft Sentinel incidents
Content supporting the Microsoft hands-on at DSAG Technology Days March 2023
Block File Hashes found in Microsoft Sentinel Incidents in Defender
Revoke Entra ID user sessions from Microsoft Sentinel entities
Tag machines in Microsoft Defender from a Microsoft Sentinel Incident
Block GitHub users from Microsoft Sentinel incidents
This repository provides summarization Schedule Analytics Rules in Sentinel Incident
Use dnstwist to monitor for lookalike domains and send logs to Azure Log Analytics
Enable Azure AD user accounts from Microsoft Sentinel account entities
Microsoft Sentinel fork of Adaz 🔧 Deploy customizable Active Directory labs in Azure - automatically.
App to ingest Threat Intelligence (TI) into a Firewall
Add IPs from Microsoft Sentinel Incidents to an Okta Network Zone Blocklist