This repository contains a collection of security resources created by Security Risk Advisors to enhance capabilities within the Azure and Microsoft ecosystem.
Each project or tool is organized into its own folder, complete with a dedicated README file for detailed information.
- A collection of Logic Apps that:
  - Automatically create a file storage folder for every new Sentinel incident.
  - Post a link to the folder in the incident activity upon creation.
  - Update the incident whenever files are added to the folder.
- Tools for ingesting and parsing Epic logs into Azure Sentinel, including:
  - Ingestion-time transformation rules.
  - Analytics.
  - Workbooks.
- A set of plugins designed to extend the functionality of Copilot for Security, enabling it to:
  - Include additional datasets.
  - Analyze these datasets effectively.
- A Logic App that leverages Azure Sentinel and Azure OpenAI GPT-4 to generate daily emails summarizing all activities within the SOC.
- A Logic App and Chrome plugin that allow direct integration of browser activities with Security Copilot. Together they provide one-click threat hunting based on the IOCs found on a web page: the hunt is executed by Security Copilot and the hunt team is notified via a Teams channel.
For any comments or questions, please reach out to:
- Mike Pinch: [email protected]
- Website: Security Risk Advisors
- SCALR Platform: SCALR by SRA