Azure-Sentinel/Sample Data/Feeds
PrasadBoke 6b5305efa5 Added removed filed 2024-04-11 15:41:27 +05:30
ActiniumIOC.csv Detection Queries related to actor tracked by Microsoft as Actinium 2022-02-04 09:13:58 -08:00
AzureBuiltInRole.csv Add files via upload 2022-07-26 21:16:39 -07:00
CMMCPolicyMapping.csv Merge branch 'master' into CMMCPolicyMapping 2021-10-04 18:11:02 -07:00
ChiaCryptoIOC.csv Update ChiaCryptoIOC.csv 2021-06-28 15:34:18 -07:00
CommandsInURL.csv added csv and watchlist support 2023-06-26 17:13:21 +05:30
DEV-0322_SolarWinds_Serv-U_IoC.csv Add files via upload 2021-07-13 13:15:39 -07:00
DEV-0586.csv Update DEV-0586.csv 2022-01-16 16:09:41 -08:00
Dev-0530_July2022.csv Update Dev-0530_July2022.csv 2022-08-01 09:59:43 -07:00
EmpireCommandString.txt Moved EmpireCommandString.txt to Sample Data\Feeds folder 2023-04-20 15:53:06 +05:30
Europium_September2022.csv Update Europium_September2022.csv 2022-09-08 07:12:32 -07:00
EventLogManagement.csv Update EventLogManagement.csv 2021-11-23 16:25:10 -05:00
FoggyWebIOC.csv Add files via upload 2021-09-27 11:07:33 -07:00
HiveRansomwareJuly2022.csv Update HiveRansomwareJuly2022.csv 2022-07-05 07:23:49 -07:00
LocalFileInclusionIndicators.csv added csv and watchlist support 2023-06-26 17:13:21 +05:30
Log4j_IOC_List.csv Updating the latest IP IOC CSV for Log4j 2022-04-21 22:14:08 -07:00
M2131RecommendedDataTables.csv Update M2131RecommendedDataTables.csv 2021-11-23 18:34:02 -05:00
MSTIC IoCs - Exchange Server Vulnerabilities Readme.txt updated links 2021-03-08 16:19:56 -08:00
MSTICIoCs-ExchangeServerVulnerabilitiesDisclosedMarch2021.csv Updated CSV and JSON for 1 ARP 2021 release 2021-04-01 12:35:07 -04:00
MSTICIoCs-ExchangeServerVulnerabilitiesDisclosedMarch2021.json Updated CSV and JSON for 1 ARP 2021 release 2021-04-01 12:35:07 -04:00
Mercury_August2022.csv Update Mercury_August2022.csv 2022-08-25 06:53:52 -07:00
Microsoft.Covid19.Indicators.csv Indicator publish: 11/2/2020 9:11:16 PM 2020-11-02 13:11:18 -08:00
Microsoft.Covid19.Indicators.json Indicator publish: 11/2/2020 9:11:19 PM 2020-11-02 13:11:21 -08:00
Microsoft.IoT-Dump-pwd-infected.zip Add files via upload 2020-04-24 14:57:46 -07:00
Microsoft.OAuth.KnownApplications.csv Update MaliciousOAuthApp_O365AttackToolkit.yaml (#7397) 2023-03-09 11:50:42 +05:30
NISTSP800171PolicyMapping.csv Create NISTSP800171PolicyMapping.csv 2021-11-27 08:12:46 -05:00
ReadMe.md updating readme 2020-05-14 19:04:57 +01:00
RiskyFileExtensionsInUrl.csv added csv and watchlist support 2023-06-26 17:13:21 +05:30
SEABORGIUMIOC.csv Update SEABORGIUMIOC.csv 2023-02-09 10:46:46 +01:00
SOURGUM.csv Update SOURGUM.csv 2021-07-15 07:47:39 -07:00
Tarrask.csv Updating the CSV file for the Tarrask queries. 2022-04-12 08:53:00 -07:00
TestIOCs.csv Added removed filed 2024-04-11 15:41:27 +05:30
UnusualUserAgents.csv replacing with old UAFile 2023-06-28 16:42:09 +05:30
VPS_Networks.csv removed trailing ] 2021-06-04 10:47:51 -07:00
WhiteListedDomainsForWebSessionUseCases.csv added csv and watchlist support 2023-06-26 17:13:21 +05:30
ZeroTrustTIC3Mapping.csv Update ZeroTrustTIC3Mapping.csv 2021-10-01 10:30:26 -04:00
ZincOctober2022IOCs.csv Added removed filed 2024-04-11 15:41:27 +05:30

ReadMe.md

Folder to store threat intel indicator and feed data

Enabling security research & hunting with open source IoT attack data: https://techcommunity.microsoft.com/t5/azure-sentinel/enabling-security-research-amp-hunting-with-open-source-iot/ba-p/1279037

Microsoft open-sources Covid19 threat intelligence: https://www.microsoft.com/security/blog/2020/05/14/open-sourcing-covid-threat-intelligence/

Using Azure Playbooks to import text-based threat indicators to Azure Sentinel: https://techcommunity.microsoft.com/t5/azure-sentinel/using-azure-playbooks-to-import-text-based-threat-indicators-to/ba-p/1383980

Integrating open source threat feeds with MISP and Azure Sentinel: https://techcommunity.microsoft.com/t5/azure-sentinel/integrating-open-source-threat-feeds-with-misp-and-sentinel/ba-p/1350371