Microsoft

User Links

• https://login.microsoftonline.com/ (Office 365 login portal)
• https://mysignins.microsoft.com/
• https://myapplications.microsoft.com/
• https://login.microsoftonline.com/
• https://outlook.office365.com/calendar/view/month
• https://outlook.office365.com/mail/

Security Tools

• https://security.microsoft.com/quarantine?
• https://admin.exchange.microsoft.com/#/transportrules (message trace)

Azure

• https://m365maps.com/renames.htm (product name changes)
• https://azure.microsoft.com/en-us/services/application-gateway/
• https://azure.microsoft.com/en-us/services/frontdoor/
• https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/check-sensor-status?view=o365-worldwide

Azure KQL

• https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/microsoft-defender-for-endpoint-commonly-used-queries-and/ba-p/1795046
• https://github.com/search?q=kql+threat+hunting
• https://github.com/microsoft/Microsoft-365-Defender-Hunting-Queries
• https://github.com/ugurkocde/IntuneDeviceQuery
• https://github.com/LearningKijo/SecurityResearcher-Note/blob/main/SecurityResearcher-Note-Folder/Day15-XDR-Insights-2024update.md
• https://arcanecode.com/2023/02/20/fun-with-kql-let/

Sentinel / Defender

• https://github.com/Azure/Azure-Sentinel/tree/master/Playbooks/Get-AlienVault_OTX
• https://learn.microsoft.com/en-us/azure/azure-monitor/logs/basic-logs-configure?tabs=portal-1
• https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/scc-permissions?view=o365-worldwide
• https://github.com/azure
• https://learn.microsoft.com/en-us/azure/azure-monitor/logs/basic-logs-query?tabs=portal-1
• https://docs.microsoft.com/en-us/azure/sentinel/investigate-cases#prerequisites