This repo contains sample queries for Microsoft Defender for Endpoint and Advanced hunting. The queries include the types of data it covers and the query language it supports; with these samples and queries, you can start hunting.
bonusland / microsoft-defender-for-endpoint-queries
This project forked from rkondracki/windowsdefenderatp_advanced_hunting_samples_queries
Microsoft Defender for Endpoint Hunting Queries