Repositories
- Azure-Sentinel Public Forked from Azure/Azure-Sentinel
Cloud-native SIEM for intelligent security analytics for your entire enterprise.
- AS-Revoke-Azure-AD-User-Session-From-Incident Public
Revoke Entra ID user sessions from Microsoft Sentinel incidents
- AS-Revoke-Azure-AD-User-Session-From-Entity Public
Revoke Entra ID user sessions from Microsoft Sentinel entities
- AS-IAM-Master-Playbook Public
Run four identity access management playbooks at once from a Microsoft Sentinel incident
- AS-IAM-Entra-ID-Master-Playbook Public
Run two identity access management playbooks at once from a Microsoft Sentinel incident
- AS-Clear-Okta-Network-Zone-List Public
Clear out all but one of the IPs from an Okta Network Zone list
- AS-Terminate-Okta-User-Session-From-Entity Public
Terminate an Okta user's session from a Microsoft Sentinel Entity
- AS-MDE-Isolate-Machine Public
- AS-MDE-Unisolate-Machine Public
- AS-Add-Azure-AD-User-Job-Title-to-Incident Public
Look up the Azure AD user accounts associated with the entities from Microsoft Sentinel incidents and add the Azure AD job titles in an Incident comment