swiftsolves-msft/Azure-Sentinel-CiscoUmbrella 9

Reworked assets for Azure Sentinel using Cisco Umbrella logs as source. Includes logstash config for Cisco Umbrella using Cisco managed AWS S3

swiftsolves-msft/AzurePenTestScope 5

The following scripts and programs are to help security professionals scope their organization's Azure footprint prior to penetration testing.

swiftsolves-msft/Azure-Sentinel-Aviatrix 1

Assets for Azure Sentinel using Aviatrix and NetFlow logs as source. Includes logstash config for Aviatrix NetFlow to listen.

swiftsolves-msft/AADSignInActivity 0

PowerShell runbook to be used on a scheduled trigger to collect AAD SignIn Activity and store in Azure Files. Starts off next time where it left off based on last sign in date\time

swiftsolves-msft/active-directory-dotnet-graphapi-b2bportal-web 0

Demonstration/prototype of B2B self-service signup, signup approvals, and profile editing.

swiftsolves-msft/AdaptiveNetworkLab 0

Lab to test out Azure Security Center Adaptive Network Hardening

swiftsolves-msft/AFDWAFRules 0

Azure Front Door WAF Custom Rules

swiftsolves-msft/ARM-Policy 0

Azure ARM Policies

swiftsolves-msft/ASC-Workflow-Automation 0

Azure Security Center Workflow automation on recommendations and detections.

issue opened Azure/Azure-Security-Center

Deploy for Defender extension installation examples errors in Azure Portal CORS message

Describe the bug There was an error downloading the template from URI 'https:://github.com/Azure/Azure-Security-Center/tree/master/Pricing & Settings/Defender for Kubernetes/Defender extension installation examples/azure-defender-extension-arm-template.json'. Ensure that the template is publicly accessible and that the publisher has enabled CORS policy on the endpoint. To deploy this template, download the template manually and paste the contents in the 'Build your own template in the editor' option below.

To Reproduce Steps to reproduce the behavior:

  1. Go to https://github.com/Azure/Azure-Security-Center/tree/main/Pricing%20%26%20Settings/Defender%20for%20Kubernetes/Defender%20extension%20installation%20examples
  2. Click on Deploy to Azure button

Expected behavior Deploy to Azure should load the ARM template correctly in Azure Portal

created time in a day

PR opened Azure/Azure-Sentinel

Update readme.md

included asc policy links and fixed deploy to azure button

Fixes #

Proposed Changes

+6 -3

0 comment

1 changed file

pr created time in 7 days

push event swiftsolves-msft/Azure-Sentinel

swiftsolves-msft

commit sha 6f86fdcf6d90d949a3c35b4c95ef8b4d38e885ff

Update readme.md included asc policy links and fixed deploy to azure button

push time in 7 days

issue comment Azure/Azure-Sentinel

Deployment fails on Custom Connector for Get-GeoFromIpAndTagIncident

https://github.com/Azure/Azure-Sentinel/pull/2695

swiftsolves-msft

comment created time in 12 days

PR opened Azure/Azure-Sentinel

fix deploy custom connector - Get-GeoFromIpAndTagIncident

https://github.com/Azure/Azure-Sentinel/issues/2694

line 20 on azuredeploy.json for custom connector has an extra '

            "serviceUrl": "https://ip-api.com/json'"

removing '

Fixes #

Proposed Changes

+1 -1

0 comment

1 changed file

pr created time in 12 days

push event swiftsolves-msft/Azure-Sentinel

swiftsolves-msft

commit sha 11361032994a7698132b10a7e50b20c3159cd5fe

fix deploy custom connector - Get-GeoFromIpAndTagIncident https://github.com/Azure/Azure-Sentinel/issues/2694 line 20 on azuredeploy.json for custom connector has an extra ' "serviceUrl": "https://ip-api.com/json'" removing '

push time in 12 days

create branch swiftsolves-msft/Azure-Sentinel

branch : nateswift-fixpbooksdeploy

created branch time in 12 days

push event swiftsolves-msft/Azure-Sentinel

dicolanl

commit sha 7d1eae63d1ba88107e6bb385331b0b58aa078db4

Updates KV using unique string to be globally unique moved access policy into the single azuredeploy.json

Yaron Fruchtmann

commit sha 5e3b0691f0934d993bf9048e025abdf6b66e674d

First commit Authentication parser (yaml)

Yaron Fruchtmann

commit sha 46944d5ed7581471b17389b377e2ac3fb94a761a

Updating per last schema changes

YuvalNaor

commit sha f079faa3fdf47f4150069e45a2cb5eb2e24a33fd

4688 is ready

YuvalNaor

commit sha b420bb2443ba6293bc385993fb75ba1cfd1a2993

fixes

YuvalNaor

commit sha c50b90126504c01bcd2e520203b883ecd39e793f

adding comments

YuvalNaor

commit sha 549196e3e32020c87f1ec5d535fa8244868498bb

NO data for 4689

Shahar Aviv

commit sha 58c9d27a545be8f9cf2565807503094bd484a245

Update AzureActiveDirectorySignins.json

Yaron Fruchtmann

commit sha 0bd29828b28b82bae27e0e462e55d181fac05a9d

adding Okta

Yaron Fruchtmann

commit sha f587e6b79e1e67126ea9a1e5b0f4c938b9a6da64

replacing SessionId with TargetSessionId

YuvalNaor

commit sha 0e544461c0e61fb83f4d37a561a6e49138d57710

fixed empty line

Shahar Aviv

commit sha 3ee6f0c4a8df15b50d7d57c2c42b39c5b1de4b40

Update AzureActiveDirectorySignins.json

Rajendra Khabiya

commit sha 9fe30300ccc423b21f3d407a42f3c28dabce9ae6

Commented code removed

v-jayakal

commit sha 988788e058638110f3c776f11e400319db06d816

Merge pull request #2404 from Azure/v-rucdu/UpdateAdvancedSettings Remove all references of Advanced settings

Rajendra Khabiya

commit sha f7bae48efb28175d5b1e91826da211fd8a30accb

Metadata Added

gilior

commit sha 45da87dec250017c0fd45cb55842e6d6cde8f1ee

Merge pull request #2364 from Azure/lior_gishry/add_wse_rule_templates add wse to security_event

Shahar Aviv

commit sha e5327069dc8a6e3807b471805562a9bff0bfce4c

Update AzureActiveDirectorySignins.json

Amit Bergman

commit sha 1324720335b403b9294ce4a51f27e6990d21128f

Merge pull request #2411 from Azure/t-shaviv-patch-3 Update AzureActiveDirectorySignins.json

v-rucdu

commit sha c38b7ef280651282da78c66a1c738799ebbf325d

Merge branch 'master' into pr/2301

Alex Verbniak

commit sha d575f40c26a26fe0d4c5dd818deafe3d226da94f

JuniperIDP: data connector, parser, samples

push time in 12 days

issue comment Azure/Azure-Sentinel

Deployment fails on Custom Connector for Get-GeoFromIpAndTagIncident

line 20 on azuredeploy.json for custom connector has an extra '

                "serviceUrl": "https://ip-api.com/json'"

swiftsolves-msft

comment created time in 12 days

issue opened Azure/Azure-Sentinel

Deployment fails on Custom Connector for Get-GeoFromIpAndTagIncident

https://github.com/Azure/Azure-Sentinel/tree/master/Playbooks/Get-GeoFromIpAndTagIncident

ARM Deployment error on Custom Connector for playbook.

    {
      "status": "Failed",
      "error": {
        "code": "BadRequest",
        "message": "{\"Code\":\"BadRequest\",\"Message\":\"Swagger contains base path:/json but backend Url doesn't end on same path:/json' \",\"Target\":null,\"Details\":[{\"Message\":\"Swagger contains base path:/json but backend Url doesn't end on same path:/json' \"},{\"Code\":\"BadRequest\"},{\"ErrorEntity\":{\"ExtendedCode\":\"14024\",\"MessageTemplate\":\"Swagger contains base path:{0} but backend Url doesn't end on same path:{1} \",\"Parameters\":[\"/json\",\"/json'\"],\"Code\":\"BadRequest\",\"Message\":\"Swagger contains base path:/json but backend Url doesn't end on same path:/json' \"}}],\"Innererror\":null}"
      }
    }

created time in 12 days

PR opened Azure/Azure-Sentinel

Update-AzureDefenderDataConnector

This Logic App will act as a 15min synchronizer between new Azure subscriptions created and your Azure Sentinel Azure Defender Data Connector being enabled for the new Azure subscriptions to generate Azure Defender alerts into Azure Sentinel

Fixes #

Proposed Changes

+350 -0

0 comment

2 changed files

pr created time in 15 days

push event swiftsolves-msft/Azure-Sentinel

swiftsolves-msft

commit sha dab90fd16d36dffb369d16846a45dbecb8e3f2c7

Update-AzureDefenderDataConnector This Logic App will act as a 15min synchronizer between new Azure subscriptions created and your Azure Sentinel Azure Defender Data Connector being enabled for the new Azure subscriptions to generate Azure Defender alerts into Azure Sentinel

push time in 15 days

PR opened Azure/Azure-Security-Center

ASC integrations

ASC Pricing & Settings - Azure policy to enable integrations for MCAS and MDE on subscription.

+128 -0

0 comment

2 changed files

pr created time in 19 days

push event swiftsolves-msft/Azure-Security-Center

swiftsolves-msft

commit sha 19c68caeb9cc011a871a4caf223ae6b4f066cb93

ASC integrations ASC Pricing & Settings - Azure policy to enable integrations for MCAS and MDE on subscription.

push time in 19 days

create branch swiftsolves-msft/Azure-Security-Center

branch : enable-integrations

created branch time in 19 days

PR opened Azure/Azure-Sentinel

ipv4 RFC1918 check logic

Added logic to check ip entity to see if ip address is RFC 1918 \ private ip address space. If the ip address is private do not scan the ip address with GreyNoise.

Fixes #

Proposed Changes

+139 -15

0 comment

1 changed file

pr created time in 22 days

push event swiftsolves-msft/Azure-Sentinel

swiftsolves-msft

commit sha f08a081ca7c27d52edf0ef0d7ae120fb281d2380

ipv4 RFC1918 check logic Added logic to check ip entity to see if ip address is RFC 1918 \ private ip address space. If the ip address is private do not scan the ip address with GreyNoise.

push time in 22 days

push event swiftsolves-msft/PowerShell-Scripts

swiftsolves-msft

commit sha 04ace206eb574202f182749338317aa6b18c102d

Add files via upload

push time in a month

push event swiftsolves-msft/decks

swiftsolves-msft

commit sha 6ac4df4cf08f484a166df6acbb687147f3459fcc

Add files via upload

push time in a month

push event swiftsolves-msft/kql

swiftsolves-msft

commit sha eed30a80305d7851f27e3f4e908944eb8048edfe

Update AZDefenderCountsPricing.yaml

push time in a month

push event swiftsolves-msft/kql

swiftsolves-msft

commit sha db2ee8201008804742af56c28a3ffc451cdf9e4a

Update AZDefenderCountsPricing.yaml

push time in a month

push event swiftsolves-msft/Notebooks

swiftsolves-msft

commit sha 939f57b4755d2418a6320576d62c7cc1b87df503

Add files via upload

push time in 2 months

push event swiftsolves-msft/Notebooks

swiftsolves-msft

commit sha 61e9e3175016e7cc315123c672a2cae94b57788d

Add files via upload

push time in 2 months

create branch swiftsolves-msft/Notebooks

branch : main

created branch time in 2 months

created repository swiftsolves-msft/Notebooks

Notebooks

created time in 2 months

push event swiftsolves-msft/kql

swiftsolves-msft

commit sha 4d6ef17668cd3f699d36561ca4ec090bcda9ff3a

Add files via upload

push time in 3 months

push event swiftsolves-msft/kql

swiftsolves-msft

commit sha abfc4f40136f74e17261add744da8c73a921369d

Add files via upload

push time in 3 months

push event swiftsolves-msft/LogicApps

swiftsolves-msft

commit sha f6828ecb2c35a613b59ec47f13d1a776ed9d4fbe

Add files via upload

push time in 3 months