New Blog Posts | The Unified Microsoft Sentinel and Microsoft 365 Defender Repository

The Unified Microsoft Sentinel and Microsoft 365 Defender Repository – Azure Cloud & AI Domain Blog ...

As products and services continue to align, it's great to see movement in areas that provide pure value. The Microsoft Sentinel GitHub repository has now made room to house Microsoft 365 Defender Hunting queries.

KQL is the tie that binds these two security services, and because of that, Hunting queries for Microsoft 365 Defender are now available from the combined repository.

To locate these queries, go to the original Microsoft Sentinel GitHub repository (https://aka.ms/SentinelGitHub) and open the Hunting Queries folder to find the Microsoft 365 Defender folder.