swiftsolves-msft

Azure-Sentinel-CiscoUmbrella

Reworked assets for Azure Sentinel using Cisco Umbrella logs as source. Includes logstash config for Cisco Umbrella using Cisco managed AWS S3

Azure-Sentinel-Playbooks

Azure-Sentinal-Mimecast

assets for Azure Sentinel using Mimecast SIEM and TTP logs as source. Includes .ps1 Azure functions for obtaining logs using Mimecast APIs.

Azure-Sentinel-Aviatrix

Assets for Azure Sentinel using Aviatrix and NetFlow logs as source. Includes logstash config for Aviatrix NetFlow to listen.

projectlearn

The following project is geared towards automating and using different services within Windows and Azure. Services like Azure NetApp Files, Azure Firewall, and Guest Policy (DSC). We will use WVD as the core service in this project. The focus will be delivering other services that should be used with WVD, but not WVD itself. WVD is already fairly automated.

AdaptiveNetworkLab

Lab to test out Azure Security Center Adaptive Network Hardening

AFDWAFRules

Azure Front Door WAF Custom Rules

ASC-Workflow-Automation

Azure Security Center Workflow automation on recommendations and detections.

ASR-AzuretoAzureLab

Example of using ASR Azure to Azure in a hub spoke peering model using ADDC,AADCONNECT,ADFS,WAP and FTP servers. The following lab will explore various ASR concepts and inner and outer configuration of a fail over.

ASR-HUB-SPOKE-FTP

Example of using ASR Azure to Azure in a hub spoke peering model using ADDC and FTP servers.

Azure-File-Sync-Dive

Azure Workshop for Azure File Sync

azure-quickstart-templates

Azure Quickstart Templates

Azure-Sentinel-OCIData

hello world

AzureDefenderEnterpriseRollOut

Guidance and assets for Azure Defender rollout at an enterprise

AzureEntOps

repo for automation scripts to automate enterprise ops - subscription factory

AzureFirewall

Contains custom rules for Azure Firewall

AzuretoAWSLab

With AWS IKEv2 support available the following lab creates Azure Hub-Spoke and connects over S2S VPN using Azure and AWS native Gateways to a AWS VPC. This lab can be used to test connection and routing within both VPC and VNET.

dashboards

dashboards

DCToolbox

Tools for Microsoft cloud fans

DropConnect

This will be a working example of how to drop an existing persisted connection on a Azure VM when a NSG rule, AzureFW rule, or JIT Access Expires is applied

DSC

LogAnalyticsEnrichSample

The following exmaple is using an existing Log Anlytics table of Office 365 data and querying it out with a Azure Function. The Function take the Public IP in each unique rowe of results and queries another API to bring in a CountryofOrigin value that is not present in the original Office 365 Activity Data.

Notebooks

Notebooks

NSGFlowLogs

placeholder

patch4cse

conceptual was to push patches or inner os things through Azure VMs Custom Script Extension

RiskyAPIs

Can be used when testing a newly created custom role, to see if there are inadvertent permissions granted on known risky Azure Management APIs.

SplunkforAviatrix

The repository of Splunk Application for Aviatrix Controller and Gateway logs.

TargetResearch

Scripts and Programs that help with potential targeting.

terraform-on-azure

Demonstrates using Terraform on Azure

terraform-provider-azurerm

Terraform provider for Azure Resource Manager