Welcome to my Threat Hunting and XDR Guide for SentinelOne!
Sections:
I. SentinelOne Threat Hunting Guide
II. Skylight-DeepViz2Skylight -- Dashboards and queries built around the traditional Deep Visibility indicator view, using the new Skylight feature in SentinelOne. Provides basic queries and visualizations for the following:
a. Processes & Cross Processes
b. Indicators
c. Files & Drivers
d. Network and DNS
e. URL
f. Registry
g. Scheduled Tasks
h. Event Logs / Logins
i. Command Scripts
j. Named Pipes
III. Skylight-GeoLocations
IV. Skylight-PowerShell
V. XDR-O365