AdvancedHunting

Advanced Hunting KQL Queries for M365 Defender for Identity/Endpoint/Office 365 etc.

These queries are supplied using the MIT license and are provided as-is. They offer no warranty.

Select a KQL query from this repo and customize to your environment to find and alert on specific incidents that might go unnoticed by the Defender products in general.

//Viktor

Name		Name	Last commit message	Last commit date
Latest commit History 11 Commits
Defender for Endpoint		Defender for Endpoint
Defender for Identity		Defender for Identity
Defender for Office 365		Defender for Office 365
LICENSE		LICENSE
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Defender for Endpoint

Defender for Endpoint

Defender for Identity

Defender for Identity

Defender for Office 365

Defender for Office 365

LICENSE

LICENSE

README.md

README.md

Repository files navigation

AdvancedHunting

About

Releases

Packages

License

hedbergtech/AdvancedHunting

Folders and files

Latest commit

History

Repository files navigation

AdvancedHunting

About

Resources

License

Stars

Watchers

Forks