Skip to content
/ AdvancedHunting Public

Advanced Hunting KQL Queries for M365 Defender for Identity/Endpoint/Office 365 etc..

License

MIT license
3 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

hedbergtech/AdvancedHunting

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
Defender for Endpoint
Defender for Endpoint
 
 
Defender for Identity
Defender for Identity
 
 
Defender for Office 365
Defender for Office 365
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

AdvancedHunting

Advanced Hunting KQL Queries for M365 Defender for Identity/Endpoint/Office 365 etc.

These queries are supplied using the MIT license and are provided as-is. They offer no warranty.

Select a KQL query from this repo and customize to your environment to find and alert on specific incidents that might go unnoticed by the Defender products in general.

//Viktor

About

Advanced Hunting KQL Queries for M365 Defender for Identity/Endpoint/Office 365 etc..

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published