kql
Here are 104 public repositories matching this topic...
KQL Queries. Microsoft 365 Defender, Microsoft Sentinel (updated Jun 3, 2024)
Defender XDR Advanced Hunting Queries (MDE, MDAV, Device Discovery) (PowerShell; updated Jun 3, 2024)
C# KQL query engine with flexible I/O layers and visualization (C#; updated Jun 1, 2024)
KQL Queries. Defender for Endpoint and Azure Sentinel hunting and detection queries in KQL. Out-of-the-box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules and Hunting Rules. (Python; updated May 30, 2024)
Repository with Sentinel Analytics Rules and Hunting Queries (updated May 29, 2024)
A repository of KQL queries focused on threat hunting and threat detection for Microsoft Sentinel and Microsoft XDR (formerly Microsoft 365 Defender). (updated May 23, 2024)
Hunting Queries for Defender ATP (updated May 23, 2024)
Technical content and slides from conference sessions presented by Abhi Jayanty (updated May 21, 2024)
This repository contains a selection of Kusto Query Language (KQL) queries designed for proactive threat hunting. Aligned with the MITRE ATT&CK framework, these queries are crafted to detect and address potential threats effectively. (updated May 21, 2024)
CyberSec Projects (updated May 17, 2024)
This project aims at cost savings for Azure consumers by identifying unused or idle orphan resources according to Azure Cost Optimization best practices. Costly resources such as Application Gateway, App Service plan, Power BI Embedded capacity, SQL database, Cosmos DB, Storage, etc. can be assessed. (updated May 8, 2024)