acquiredsecurity/Sentinel-One-STAR-Rules-Threat-Hunts

SentinelOneStarRules

SentinelOne STAR Rules and Threat Hunts

Command tradecraft detections for malware and other behaviors used by ransomware operators and APT groups.

This repository contains STAR rules and Threat Hunts for the EDR solution SentinelOne.

STAR - Custom detection rules. SOC teams can turn queries from Deep Visibility, SentinelOne's EDR data collection and querying mechanism, into automated hunting rules that trigger alerts and responses when a rule matches. STAR also gives users an automated way to evaluate every endpoint event collected across the entire fleet against a list of rules.

Hunt - Lower-fidelity rules that cast a wide net for certain behaviors. They are intended for hunting within an environment and could potentially be refined into higher-fidelity STAR rules.