Azure-Sentinel/Tutorials/Microsoft 365 Defender/Webcasts
..
TrackingTheAdversary
l33tSpeak
Airlift 2021 - Lets Invoke.csl
Ignite 2020 - Best practices for hunting across domains with Microsoft 365 Defender.txt
README.md

README.md

Webcasts

This repository will contain query files used in our public training \ webcasts for reuse within your instance of Microsoft 365 Defender


Tracking the Adversary

Signup Link

This four-part series provides an introduction to advanced hunting in Microsoft Threat Protection including

  • An introduction to Kusto Query Language (KQL)
  • Descriptions of each table available (as of the date of the webcast)
  • Examples to help maximize your hunting skills in Advanced Hunting
  • An example incident triage almost exclusively using Advanced Hunting