swiftsolves-msft

PowerShell-Scripts

PowerShell Scripts, Snippets, bare minmium ideas

Defender-for-Cloud-Alert-Reference

#Defender for Cloud Alert Reference

decks

The following Repo are for Public Slide Decks that may be of interest

Community-GuestConfiguration

The following guest configuration artifacts removes the intial authoring steps 1-4. The remaining steps are publishing the artifacts to your Azure subscription and registering the Azure Policy.

Azure-TPot

Azure TPot Deployment

mde

MDE miscellaneous stuff

Microsoft-Sentinel-ZScalerZIANSSCloud

Policy

Azure Policy

kql

kql query examples

Microsoft-Azure-SIEM-Pipeline

Here you will find architectures and configuration collected around sending Alerts and Logs from Microsoft and Azure platforms and products to 3rd party SIEM

Azure-Analytics-and-AI-Engagement

Azure Analytics and AI Engagement

azure-docs

Open source documentation of Microsoft Azure

Azure-Network-Security

Resources for improving Customer Experience with Azure Network Security

Azure-Security-Center

Welcome to the Azure Security Center community repository

Azure-Sentinel

Cloud-native SIEM for intelligent security analytics for your entire enterprise.

CfS

Repo for storing sample prompts, prompt templates, promptbooks, plugin development and all things exploring with Copilot for Security

changeanalysis-webapp-storage-sample

sample used in change analysis documentation to view Azure web app and storage changes

Community-Policy

This repo is for Microsoft Azure customers and Microsoft teams to collaborate in making custom policies.

Copilot-For-Security

Microsoft Copilot for Security is a generative AI-powered security solution that helps increase the efficiency and capabilities of defenders to improve security outcomes at machine speed and scale, while remaining compliant to responsible AI principles

Labs

Securing Azure Practice Lab Environments

LiveResponseToolsSync

LogicApps

Misc LogisApps built

Microsoft-Sentinel-ZScalerZIANSSAMA

personal

Personal projects I am working on non Microsoft or Security related.

RepositoriesSampleContent

SimuLand

Understand adversary tradecraft and improve detection strategies

Tanium

Threat-Protection-CWPP-MindMap

The following tool link below can be used to explore Defender for Cloud's - Cloud Workload Platform Protection (CWPP) core services it can cover and capabilities. While not exhaustive to every detection it provides a learning tool Mind Map to help explore each set of services covered under threat protection, capabilities with detailed notes, and links to reference alerts or unique blogs or scenarios written about.

tpotce

🍯 T-Pot - The All In One Honeypot Platform 🐝

workshop-arc

Azure Workshop using a E8s_V3 - Nested Hyper-V with DC, FileServer, and Ubuntu. Can be used to create workshops involving Hybrid scenarios for customer to test like Arc, Backups, ASR, OMS, and other scenarios