Interactive Azure Sentinel Notebooks provides security insights and actions to investigate anomalies and hunt for malicious behaviors.

A curated collection of Cloud DFIR and threat‑hunting resources focused on Microsoft Sentinel, Defender XDR, Azure, and Microsoft 365. Includes KQL hunting queries, Sentinel workbook JSONs, notebook configurations, SOAR automations, and practical detection engineering artifacts for real‑world investigations and SOC operations.

No description available

Artifacts for Azure Sentinel demo (sample attack/notebook)

In this repository you can find Jupyter notebooks with everything you need to fight cyberattacks in Azure Sentinel

This is a simple guide to creating a Jupyter notebook for Azure Sentinel. It includes instructions on how to create a Python virtual environment, install dependencies, and create a Jupyter notebook as well as a sample notebook containing all the initial setup code to get you started.