Disable Azure AD user accounts from Microsoft Sentinel account entities
-
Updated
Dec 6, 2023
Disable Azure AD user accounts from Microsoft Sentinel account entities
Pull Edgescan assets, hosts, and vulnerabilities into Microsoft Sentinel custom logs
Microsoft Sentinel rules for Azure CIS Benchmark Ver.1.4.0
Azure Active Directory Identity Protection Custom Rule for Microsoft Sentinel
Add comments containing Microsoft Defender exposure level to Microsoft Sentinel incidents
Add IPs from Microsoft Sentinel Incidents to an Okta Network Zone Blocklist
Tag machines in Microsoft Defender from a Microsoft Sentinel Incident
Block GitHub users from Microsoft Sentinel incidents
Enable Azure AD user accounts from Microsoft Sentinel account entities
Disable Azure AD user accounts from Microsoft Sentinel incidents
Enable Azure AD user accounts from Microsoft Sentinel incidents
Block File Hashes found in Microsoft Sentinel Incidents in Defender
Revoke Entra ID user sessions from Microsoft Sentinel entities
App to ingest Threat Intelligence (TI) into a Firewall
Run Spiderfoot scans on account entities from Microsoft Sentinel incidents
Sign out Google users from Microsoft Sentinel incidents
Extract domains from Microsoft Sentinel incidents and remove them from a Zscaler custom URL category
Managing Microsoft Sentinel with Azure Lighthouse
This workspace contains all the code (ARM templates and PowerShell) referenced inside my Medium article about the Sentinel Workspace Manager.
Extract domains from Microsoft Sentinel incidents and add them to a Zscaler custom URL category
Add a description, image, and links to the microsoft-sentinel topic page so that developers can more easily learn about it.
To associate your repository with the microsoft-sentinel topic, visit your repo's landing page and select "manage topics."