86sunbot/sentinel-detection-engineering

GitHub: 86sunbot/sentinel-detection-engineering

面向 Microsoft Sentinel 的生产级 KQL 检测规则库，按 MITRE ATT&CK 框架分类，帮助安全团队快速部署多场景威胁检测能力。

Stars: 0 | Forks: 0

# sentinel-detection-engineering

标签：AMSI绕过, KQL, Microsoft Sentinel, PE 加载器, 威胁检测, 安全运营, 扫描框架