This repo contains sample queries for Windows Defender Advanced Threat Protection Advanced hunting. The queries include the types of data that it covers and the query language it supports; with these samples and queries, you can start hunting.
rkondracki / windowsdefenderatp_advanced_hunting_samples_queries
Windows Defender ATP Advanced Hunting Queries