Sentinel ATT&CK aims to simplify the rapid deployment of a threat hunting capability that leverages Sysmon and MITRE ATT&CK on Azure Sentinel.
DISCLAIMER: This tool requires tuning and investigative trialling to be truly effective in a production environment.
Overview
Sentinel ATT&CK provides the following tools:
Usage
Head over to the WIKI to learn how to deploy and run Sentinel ATT&CK.
A copy of the DEF CON 27 Cloud Village presentation introducing Sentinel ATT&CK can be found here and here.
Contributing
As this repository is continuously being updated and worked on, if you spot any problems we warmly welcome pull requests or submissions on the issue tracker.
Authors and contributors
Sentinel ATT&CK is built with <3 by:
Special thanks go to the following contributors: