Sentinel-Attack : Tools To Rapidly Deploy A Threat Hunting Capability On Azure Sentinel

Sentinel ATT&CK aims to simplify the rapid deployment of a threat hunting capability that leverages Sysmon and MITRE ATT&CK on Azure Sentinel.

Overview

Sentinel ATT&CK provides the following tools:

- An ARM template to automatically deploy Sentinel ATT&CK to your Azure environment
- A Sysmon configuration file compatible with Azure Sentinel and mapped to specific ATT&CK techniques
- A Sysmon log parser mapped against the OSSEM data model
…
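To make the two last items concrete, here is an added example (not Sentinel ATT&CK's own parser or configuration) of what normalising a Sysmon event into OSSEM-style field names looks like, and how an ATT&CK technique tag carried in the Sysmon RuleName field can be lifted into the normalised record. The field names (`process_path`, `process_command_line`, `dst_ip_addr`, ...) follow OSSEM's naming style but the mapping table itself is an assumption for illustration, the `technique_id=...,technique_name=...` RuleName convention is an assumed one, and the sample event is constructed.

```python
"""Sysmon XML event -> OSSEM-style record (added example, constructed data)."""
import xml.etree.ElementTree as ET

# Namespace used by Windows event XML as exported from the event log.
WIN_EVENT_NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

# ASSUMED mapping from Sysmon EventData names to OSSEM-style field names.
# Only the two most commonly hunted events are covered here.
SYSMON_TO_OSSEM = {
    1: {  # Process creation
        "Image": "process_path",
        "CommandLine": "process_command_line",
        "ProcessId": "process_id",
        "ParentImage": "process_parent_path",
        "ParentCommandLine": "process_parent_command_line",
        "User": "user_name",
    },
    3: {  # Network connection
        "Image": "process_path",
        "ProcessId": "process_id",
        "User": "user_name",
        "SourceIp": "src_ip_addr",
        "SourcePort": "src_port",
        "DestinationIp": "dst_ip_addr",
        "DestinationPort": "dst_port",
    },
}
INT_FIELDS = {"process_id", "src_port", "dst_port"}


def _split_hashes(value):
    """Turn 'SHA256=..,MD5=..' into {'hash_sha256': .., 'hash_md5': ..}."""
    out = {}
    for part in value.split(","):
        algo, _, digest = part.partition("=")
        if algo.strip() and digest.strip():
            out["hash_" + algo.strip().lower()] = digest.strip()
    return out


def _parse_rule_name(value):
    """ASSUMED convention: RuleName = 'technique_id=T1234,technique_name=Foo'."""
    out = {}
    for part in value.split(","):
        key, _, val = part.partition("=")
        if key.strip() in ("technique_id", "technique_name") and val.strip():
            out[key.strip()] = val.strip()
    return out


def parse_sysmon_event(xml_text):
    """Normalise one Sysmon event; unknown fields are kept under 'unmapped'."""
    root = ET.fromstring(xml_text)
    event_id = int(root.findtext("e:System/e:EventID", namespaces=WIN_EVENT_NS))
    record = {
        "event_id": event_id,
        "host_name": root.findtext("e:System/e:Computer", default="",
                                   namespaces=WIN_EVENT_NS),
        "unmapped": {},
    }
    mapping = SYSMON_TO_OSSEM.get(event_id, {})
    for data in root.iterfind("e:EventData/e:Data", WIN_EVENT_NS):
        name, value = data.get("Name"), (data.text or "")
        if name == "Hashes":
            record.update(_split_hashes(value))
        elif name == "RuleName":
            record.update(_parse_rule_name(value))
        elif name == "UtcTime":
            record["event_time"] = value
        elif name in mapping:
            target = mapping[name]
            record[target] = int(value) if target in INT_FIELDS and value.isdigit() else value
        else:
            record["unmapped"][name] = value
    return record


# Constructed Sysmon Event ID 1 (process creation) for demonstration only.
SAMPLE_EVENT = r"""<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><EventID>1</EventID><Computer>WS01.example.local</Computer></System>
  <EventData>
    <Data Name="RuleName">technique_id=T1059,technique_name=Command and Scripting Interpreter</Data>
    <Data Name="UtcTime">2024-01-01 12:00:00.000</Data>
    <Data Name="ProcessId">4242</Data>
    <Data Name="Image">C:\Windows\System32\cmd.exe</Data>
    <Data Name="CommandLine">cmd.exe /c whoami</Data>
    <Data Name="User">EXAMPLE\alice</Data>
    <Data Name="IntegrityLevel">Medium</Data>
    <Data Name="Hashes">SHA256=0000000000000000000000000000000000000000000000000000000000000000,MD5=00000000000000000000000000000000</Data>
    <Data Name="ParentImage">C:\Windows\explorer.exe</Data>
  </EventData>
</Event>"""

if __name__ == "__main__":
    for key, val in parse_sysmon_event(SAMPLE_EVENT).items():
        print(f"{key}: {val}")
```

Keeping unmapped fields rather than dropping them is deliberate: a hunting query that needs `IntegrityLevel` tomorrow should not require re-ingesting logs, and an empty `unmapped` dict on a well-known event ID is a quick check that the mapping table is complete for that event.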