T1110.003

June 1, 2026

Slack Audit Solution: Enhanced Detection Logic and Alert Enrichment

Slack Audit analytic rules, hunting queries, and workbook upgraded with improved KQL logic, custom alert details, and enhanced entity mappings for stronger workspace monitoring. Read More →

May 7, 2026

Microsoft Entra ID: Hunting Query for Password Spraying Detection via IP Failure Bursts

Correlates failed sign-ins across multiple identities followed by successful authentication from the same IP within 15 minutes, targeting password spraying patterns. Read More →

Auto-generated content based on the Azure-Sentinel GitHub repo.

Microsoft Sentinel is a trademark of Microsoft Corporation.