This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.

Welcome to the Cloud Security Toolkit repository, your all-in-one destination for cutting-edge cloud security resources! Whether you're diving into offensive strategies, mastering threat hunting, or bolstering your blue-team defenses, this repo has you covered.

Private repository for Sentinel related documentation, gists, scripts and code snippets which might be useful for implementation, tuning and troubleshooting

This file presents deployment code of virtual network implementation within the Microsoft Azure cloud environment and its integration with Microsoft Sentinel as SIEM system to provide automated solutions for various security scenarios.

This repository provides Analytics Rule of Microsoft Sentinel to support Structured Format about Azure Firewall.

Project shows how to build a mini honeypot with Azure, ingest log files from real traffic into Microsoft Sentinel using Law Analytics Workspace . Also showing how to respond to incidents on Sentinel Dashboard. Writing KQL scripts , Using NIST 800-53 Access Control and NIST 800-61 Incidnet Response to harden environment.

The objective of this lab is to set up Microsoft Sentinel. A virtual machine will be created in the cloud and configured as a honeypot. This setup will allow monitoring and logging of various attacks. The ultimate goal is to create a map displaying the origin of the attacks.

Managing Microsoft Sentinel with Azure Lighthouse