
AllThingsComputers/Sentinel-Rules-KQL


Sentinel-Rules

Rules I have researched for Microsoft Sentinel in my spare time. If someone wants to offer me a job, I am open. Anyone can use this. Please credit me if you can.

This will primarily use KQL, as it is used in Azure / Microsoft Sentinel.

Please star it if you like it.

DISCLAIMER: These rules are all in development and are not to be relied on. Please adapt them to your environment and requirements.

Fix Sigma rule number 7, as the title doesn't match.

These two files are the same:

Sentinel-Rules/Office Activity /Ransom Note Detected in Sharepoint.txt
Sentinel-Rules/Office Activity /Ransom Note .txt

About

Sentinel-Rules-KQL threat hunts and rules to use. Please reach out for job offers.
