Skip to content

gh-andrem/DefenderXDR-AdvancedHunting

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

215 Commits
Queries
Queries
 
 
Scripts
Scripts
 
 
LICENSE
LICENSE
 
 
MDE-ASR-Rules-Overview.md
MDE-ASR-Rules-Overview.md
 
 
README.md
README.md
 
 

Repository files navigation

Defender XDR Advanced Hunting Queries (KQL)

Overview of available queries

  • MDE Attack Surface Reduction Rules Report
  • MDE Controlled Folder Access Report
  • MDE Device Control Events
  • MDE Device Network and IP Information Report
  • MDE Endpoint Agent Health Status Report
  • MDE Exploit Protection Report
  • MDE Threat and Vulnerability Management (TVM) SCID Overview
  • MDAV Scan Status
  • MDAV Status Overview
  • SmartScreen
  • Network Protection
  • WSL1, WSL2 and HyperV instances

About

Defender XDR Advanced Hunting Queries (MDE, MDAV, Device Discovery)

Topics

kql defender-for-endpoint advanced-hunting m365-defender defender-xdr

Resources

Readme

License

MIT license
Activity

Stars

11 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy