MISP2Sentinel
A Python integration that fetches Threat Intelligence from MISP and publishes it to Microsoft Sentinel SIEM. (by hazcod)
Hunting-Queries-Detection-Rules
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules. (by Bert-JanP)
| | MISP2Sentinel | Hunting-Queries-Detection-Rules |
|---|---|---|
| Mentions | 2 | 7 |
| Stars | 6 | 1,011 |
| Growth | - | - |
| Activity | 4.4 | 9.3 |
| Last commit | 3 months ago | 8 days ago |
| Language | Python | Python |
| License | Apache License 2.0 | BSD 3-clause "New" or "Revised" License |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
MISP2Sentinel
Posts with mentions or reviews of MISP2Sentinel.
We have used some of these posts to build our list of alternatives and similar projects.
- I'm looking at improving our IOC Management section in CrowdStrike Falcon, but I have a simple question.
I wrote https://github.com/hazcod/MISP2Sentinel for this
- misp2sentinel: container to push MISP attributes to Microsoft Sentinel over the Graph API
Hunting-Queries-Detection-Rules
Posts with mentions or reviews of Hunting-Queries-Detection-Rules.
We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-12-11.
- Advanced Hunting queries every admin should use
- Hunting Query into a Detection rule
- MS Sentinel Analytics & KQL
- Analytical rules
- MDE Repointing Frequency
- Least occurrence in MDE
This will be the query that you are looking for. I do have a lot more queries if you are interested: https://github.com/Bert-JanP/Hunting-Queries-Detection-Rules
- Must have analytic rules
What are some alternatives?
When comparing MISP2Sentinel and Hunting-Queries-Detection-Rules you can also consider the following projects:
Microsoft-365-Defender-Hunting-Queries - Sample queries for Advanced hunting in Microsoft 365 Defender
chatgpt-raycast - ChatGPT raycast extension
kusto-queries - example queries for learning the kusto language
Sentinel-Queries - Collection of KQL queries
AzureHunter - A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
Linux Security - Ways to attack and protect Linux 🧢
KQL - Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.
modelfirst - Draw Data Model Schema and generate code
Awesome-GPT-Agents - A curated list of GPT agents for cybersecurity