Disable Azure AD user accounts from Microsoft Sentinel account entities
-
Updated
Dec 6, 2023
Disable Azure AD user accounts from Microsoft Sentinel account entities
This workspace contains all the code (ARM templates and PowerShell) referenced inside my Medium article about the Sentinel Workspace Manager.
Pull Edgescan assets, hosts, and vulnerabilities into Microsoft Sentinel custom logs
Extract domains from Microsoft Sentinel incidents and add them to a Zscaler custom URL category
Tag machines in Microsoft Defender from a Microsoft Sentinel Incident
Microsoft Sentinel rules for Azure CIS Benchmark Ver.1.4.0
Azure Active Directory Identity Protection Custom Rule for Microsoft Sentinel
Add IPs from Microsoft Sentinel Incidents to an Okta Network Zone Blocklist
Block GitHub users from Microsoft Sentinel incidents
This repository provides summarization Schedule Analytics Rules in Sentinel Incident
Use dnstwist to monitor for lookalike domains and send logs to Azure Log Analytics
Enable Azure AD user accounts from Microsoft Sentinel account entities
Disable Azure AD user accounts from Microsoft Sentinel incidents
Enable Azure AD user accounts from Microsoft Sentinel incidents
Content supporting the Microsoft hands-on at DSAG Technology Days March 2023
Block File Hashes found in Microsoft Sentinel Incidents in Defender
Revoke Entra ID user sessions from Microsoft Sentinel entities
Run Spiderfoot scans on account entities from Microsoft Sentinel incidents
Add a description, image, and links to the microsoft-sentinel topic page so that developers can more easily learn about it.
To associate your repository with the microsoft-sentinel topic, visit your repo's landing page and select "manage topics."