T1095

May 26, 2026

Defender for Endpoint: Cryptographic Identity Baselining Hunting Query for Process Network Anomalies

New hunting query detects first-time network connections by processes using cryptographic signer baselining to defeat DLL sideloading and BYOTA attacks. Read More →

February 6, 2026

Documentation Fix: Broken Links Resolved in Microsoft Entra ID and Network Session Essentials

Customer-reported broken links fixed in analytic rule descriptions with corrected MITRE technique references and restored documentation. Read More →

Auto-generated content based on the Azure-Sentinel GitHub repo.

Microsoft Sentinel is a trademark of Microsoft Corporation.