KQL Search

Search engine for KQL Queries

Identify Endpoints Removed From Isolation

Author: Michalis MichalosReleased: 2/29/2024

Identify Isolated Endpoints

Author: Michalis MichalosReleased: 2/29/2024

Commandline User Addition

Author: Bert-Jan PalsReleased: 2/28/2024

Multiple Sentitive Group Additions

Author: Bert-Jan PalsReleased: 2/27/2024

Multiple Defender For Cloud Incident

Author: Jose Sebastián CanósReleased: 2/26/2024

Apt29

Author: Ali HusseinReleased: 2/26/2024

Security Alert Data Usage

Author: Matt ZorichReleased: 2/26/2024

Power Shell Invoke Webrequest

Author: Bert-Jan PalsReleased: 2/25/2024

Certutil Remote Download

Author: Bert-Jan PalsReleased: 2/24/2024

Identify Endpoints Removed From Containment

Author: Michalis MichalosReleased: 2/24/2024

Identify Contained Endpoints

Author: Michalis MichalosReleased: 2/24/2024

Visualization Threat Intelligence Threat Types

Author: Bert-Jan PalsReleased: 2/22/2024

Create And Query

Author: Rod TrentReleased: 2/22/2024

Office Activity Teams Phishing Campaign

Author: Jose Sebastián CanósReleased: 2/21/2024

SBMNTLM

Author: Ali HusseinReleased: 2/20/2024

Parsing Palo Alto Prisma Cloud Alert Logs

Author: Jose Sebastián CanósReleased: 2/19/2024

App Service HTTP Logs PHP File Request In App Service

Author: Jose Sebastián CanósReleased: 2/19/2024

Signin Logs Azure Portal Signinfromanother Azure Tenant

Author: Jose Sebastián CanósReleased: 2/19/2024

Power Shell Key Logging

Author: Ali HusseinReleased: 2/18/2024

Vssadmindelete

Author: Ali HusseinReleased: 2/18/2024

Blood Hound Generatedfiles

Author: Ali HusseinReleased: 2/18/2024

Graph Activity From First Party Apps

Author: Thomas NaunheimReleased: 2/16/2024

Aad Audit Event From First Party Apps

Author: Thomas NaunheimReleased: 2/16/2024

AWS Cloud Trail Aws Setdefaultpolicyversion

Author: Jose Sebastián CanósReleased: 2/15/2024

AWS Cloud Trail AWS User MFA Modified

Author: Jose Sebastián CanósReleased: 2/15/2024

AWS Cloud Trail Aws Network Access Control List Deleted

Author: Jose Sebastián CanósReleased: 2/15/2024

AWS Cloud Trail Aws Iam Assume Role Policy Brute Force

Author: Jose Sebastián CanósReleased: 2/15/2024

Visualization File Types

Author: Bert-Jan PalsReleased: 2/14/2024

AWS Cloud Trail Aws Iam Accessdenied Discovery Events

Author: Jose Sebastián CanósReleased: 2/14/2024

AWS Cloud Trail Aws Exfiltration Via Datasync Task

Author: Jose Sebastián CanósReleased: 2/14/2024

AWS Cloud Trail Aws Exfiltration Via Bucket Replication

Author: Jose Sebastián CanósReleased: 2/14/2024

Security Incident Incidents With Automation Rule Failure Events From Sentinel Health

Author: Jose Sebastián CanósReleased: 2/14/2024

AWS Cloud Trail Aws Ecr Container Upload Unknown User

Author: Jose Sebastián CanósReleased: 2/13/2024

AWS Cloud Trail Aws Disable Bucket Versioning

Author: Jose Sebastián CanósReleased: 2/13/2024

AWS Cloud Trail Aws Defense Evasion Putbucketlifecycle

Author: Jose Sebastián CanósReleased: 2/13/2024

AWS Cloud Trail Aws Credential Access Rds Password Reset

Author: Jose Sebastián CanósReleased: 2/13/2024

AWS Cloud Trail Aws Credential Access Getpassworddata

Author: Jose Sebastián CanósReleased: 2/13/2024

AWS Cloud Trail Aws Credential Access Failed Login

Author: Jose Sebastián CanósReleased: 2/13/2024

AWS Cloud Trail Aws Password Policy Changes

Author: Jose Sebastián CanósReleased: 2/13/2024

AWS Cloud Trail Aws Multi Factor Authentication Disabled

Author: Jose Sebastián CanósReleased: 2/13/2024

AWS Cloud Trail Aws Createaccesskey

Author: Jose Sebastián CanósReleased: 2/13/2024

AWS Cloud Trail Aws Concurrent Sessions From Different Ips

Author: Jose Sebastián CanósReleased: 2/13/2024

AWS Cloud Trail AWS DB Snapshot Publicly Exposed

Author: Jose Sebastián CanósReleased: 2/12/2024

AWS Cloud Trail AWS EBS Snapshot Publicly Exposed

Author: Jose Sebastián CanósReleased: 2/12/2024

AWS Cloud Trail AWS AMI Publicly Exposed

Author: Jose Sebastián CanósReleased: 2/12/2024

AWS Cloud Trail AWS IAM User Password Modified

Author: Jose Sebastián CanósReleased: 2/12/2024

AWS Cloud Trail Asl Aws Password Policy Changes

Author: Jose Sebastián CanósReleased: 2/12/2024

AWS Cloud Trail Asl Aws Multi Factor Authentication Disabled

Author: Jose Sebastián CanósReleased: 2/12/2024

Epm Unusued Service Principals Az ADSPI

Author: Thomas NaunheimReleased: 2/10/2024

AWS Cloud Trail Asl Aws Createaccesskey

Author: Jose Sebastián CanósReleased: 2/8/2024

Loading...