…
|
||
---|---|---|
.. | ||
TrackingTheAdversary | ||
l33tSpeak | ||
Airlift 2021 - Lets Invoke.csl | ||
Ignite 2020 - Best practices for hunting across domains with Microsoft 365 Defender.txt | ||
README.md |
README.md
Webcasts
This repository will contain query files used in our public training \ webcasts for reuse within your instance of Microsoft 365 Defender
Tracking the Adversary
This four-part series provides an introduction to advanced hunting in Microsoft Threat Protection including
- An introduction to Kusto Query Language (KQL)
- Descriptions of each table available (as of the date of the webcast)
- Examples to help maximize your hunting skills in Advanced Hunting
- An example incident triage almost exclusively using Advanced Hunting