903c6fbe27
* M365D tutorials and tools Added webcasts and pbi to the right folders in Sentinel repo * Update Episode 1 - KQL Fundamentals.txt * Update Episode 2 - Joins.txt removed en-us from links * Update Episode 4 - Lets Hunt.txt removed en-us from links * Update MCAS - The Hunt.txt removed links with en-us * Update Performance, Json and dynamics operator, external data.txt removed en-us from links * Update MCAS - The Hunt.txt removed en-us * Update Airlift 2021 - Lets Invoke.csl removed en-us |
||
|---|---|---|
| .. | ||
| TrackingTheAdversary | ||
| l33tSpeak | ||
| Airlift 2021 - Lets Invoke.csl | ||
| Ignite 2020 - Best practices for hunting across domains with Microsoft 365 Defender.txt | ||
| README.md | ||
README.md
Webcasts
This repository will contain query files used in our public training \ webcasts for reuse within your instance of Microsoft 365 Defender
Tracking the Adversary
This four-part series provides an introduction to advanced hunting in Microsoft Threat Protection including
- An introduction to Kusto Query Language (KQL)
- Descriptions of each table available (as of the date of the webcast)
- Examples to help maximize your hunting skills in Advanced Hunting
- An example incident triage almost exclusively using Advanced Hunting