Shields up! Find CISA Known Exploited Vulns in your Defender for Endpoint data
This post has some KQL to report CISA Known Exploited Vulns within your environment.
This post has some KQL to report CISA Known Exploited Vulns within your environment.
This post has some KQL to report “who read the sensitive email and who opened the sensitive attachment” using Defender for Office365 and Defender for Endpoint.
This post has some KQL to report on files uploaded to cloud via Microsoft or Google browsers. It requires Office365 sensitivity labels, Defender for EndPoint and (for Google Chrome) the Microsoft Compliance extention