You can run these shared queries in Defender XDR/EDR to find events that correlate with IoCs extracted from threat feeds, export vulnerability reports, and so on.
demotedcoder/KQL_Shared_Queries
In this repository, you will find KQL queries that can be executed in Defender EDR.