swiftsolves-msft's repositories
Azure-Sentinel-CiscoUmbrella
Reworked assets for Azure Sentinel using Cisco Umbrella logs as source. Includes logstash config for Cisco Umbrella using Cisco managed AWS S3
Azure-Sentinal-Mimecast
Assets for Azure Sentinel using Mimecast SIEM and TTP logs as source. Includes .ps1 Azure Functions for obtaining logs using Mimecast APIs.
Azure-Sentinel-Aviatrix
Assets for Azure Sentinel using Aviatrix and NetFlow logs as source. Includes logstash config for Aviatrix NetFlow to listen.
projectlearn
The following project is geared towards automating and using different services within Windows and Azure, such as Azure NetApp Files, Azure Firewall, and Guest Policy (DSC). We will use WVD as the core service in this project. The focus will be delivering other services that should be used with WVD, but not WVD itself. WVD is already fairly automated.
AdaptiveNetworkLab
Lab to test out Azure Security Center Adaptive Network Hardening
AFDWAFRules
Azure Front Door WAF Custom Rules
ASC-Workflow-Automation
Azure Security Center Workflow automation on recommendations and detections.
ASR-AzuretoAzureLab
Example of using ASR Azure to Azure in a hub-spoke peering model using ADDC, AADCONNECT, ADFS, WAP and FTP servers. The following lab will explore various ASR concepts and inner and outer configuration of a failover.
ASR-HUB-SPOKE-FTP
Example of using ASR Azure to Azure in a hub-spoke peering model using ADDC and FTP servers.
Azure-File-Sync-Dive
Azure Workshop for Azure File Sync
azure-quickstart-templates
Azure Quickstart Templates
Azure-Sentinel-OCIData
hello world
AzureDefenderEnterpriseRollOut
Guidance and assets for Azure Defender rollout at an enterprise
AzureEntOps
repo for automation scripts to automate enterprise ops - subscription factory
AzureFirewall
Contains custom rules for Azure Firewall
AzuretoAWSLab
With AWS IKEv2 support available, the following lab creates an Azure Hub-Spoke and connects over S2S VPN using Azure and AWS native gateways to an AWS VPC. This lab can be used to test connection and routing within both VPC and VNET.
dashboards
dashboards
DropConnect
This will be a working example of how to drop an existing persisted connection on an Azure VM when an NSG rule or AzureFW rule is applied, or JIT access expires.
LogAnalyticsEnrichSample
The following example uses an existing Log Analytics table of Office 365 data and queries it with an Azure Function. The Function takes the public IP in each unique row of results and queries another API to bring in a CountryofOrigin value that is not present in the original Office 365 Activity Data.
NSGFlowLogs
placeholder
SplunkforAviatrix
The repository of Splunk Application for Aviatrix Controller and Gateway logs.
TargetResearch
Scripts and Programs that help with potential targeting.
terraform-on-azure
Demonstrates using Terraform on Azure
terraform-provider-azurerm
Terraform provider for Azure Resource Manager