Skip to content

microsoft/MSEntraIDProtectionGuidance

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

MS Entra ID Protection Guidance

A Microsoft open-source initiative aimed at helping defender teams to arm responders with the knowledge to properly respond to compromise of Microsoft Entra Tenants. Although some example hunting queries for Microsoft Sentinel and Microsoft Defender XDR Advanced Hunting are provided in this guidance, the advice and recommendations are designed to be used by anyone, regardless of security technology stack. This guidance should be shared with internal response teams or incident response partners.

Contributing

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.

When you submit a pull request, a CLA bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

Trademarks

This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft's Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party's policies.

Disclaimer

This document provides general guidance to aid organizations in their mitigation of risk around potentially exposed credentials. Risk mitigation strategies for potentially exposed credentials will be fact dependent and are one component of a comprehensive organizational risk assessment. This guidance is provided AS IS without warranty of any kind. Microsoft disclaims the completeness and applicability of the results obtained by means of executing this guidance. Microsoft further disclaims all implied warranties including, without limitation, any implied warranties of merchantability or of fitness for a particular purpose. In no event shall Microsoft, its authors, or anyone else involved in the creation, production, or delivery of the guidance be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or inability to use the guidance or documentation, even if Microsoft has been advised of the possibility of such damages.

About

MS Entra ID Protection Guidance

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published