# cloud-architekt/azuread-attack-defense

2,471 stars · 364 forks · PowerShell

## Links

- GitHub: https://github.com/Cloud-Architekt/AzureAD-Attack-Defense
- awesome-repositories: https://awesome-repositories.com/repository/cloud-architekt-azuread-attack-defense.md

## Topics

`azureactivedirectory` `itdr` `microsoftentraid` `microsoftsentinel`

## Tags

### Artificial Intelligence & ML

- [Security Mitigation Playbooks](https://awesome-repositories.com/f/artificial-intelligence-ml/step-by-step-task-plans/security-mitigation-playbooks.md) — Provides step-by-step instructions to reduce the attack surface and harden the environment against specific identity threats.

### Part of an Awesome List

- [MITRE ATT&CK Analysis](https://awesome-repositories.com/f/awesome-lists/devtools/threat-analysis-tools/mitre-att-ck-analysis.md) — Maps each attack scenario to the corresponding MITRE ATT&CK tactics, techniques, and procedures to guide defensive strategy.
- [Attack Scenario Mappings](https://awesome-repositories.com/f/awesome-lists/devtools/threat-analysis-tools/mitre-att-ck-analysis/attack-scenario-mappings.md) — Maps each attack scenario to the corresponding MITRE ATT&CK tactics, techniques, and procedures to guide defensive strategy. ([source](https://github.com/Cloud-Architekt/AzureAD-Attack-Defense#readme))
- [Identity Risk Mitigation](https://awesome-repositories.com/f/awesome-lists/security/identity-and-access-management/identity-risk-mitigation.md) — Provides step-by-step instructions to reduce the attack surface and harden the environment against specific identity threats.
- [Technical Reference Guides](https://awesome-repositories.com/f/awesome-lists/learning/technical-reference-guides.md) — Reference guide for attacking and defending Azure Active Directory.

### Networking & Communication

- [Identity Attack Detections](https://awesome-repositories.com/f/networking-communication/network-infrastructure-routing/wireless-network-utilities/wireless-deauthentication-tools/attack-detection/identity-attack-detections.md) — Detects identity-based attacks using Microsoft security products like Defender XDR, Sentinel, and Defender for Cloud Apps. ([source](https://github.com/Cloud-Architekt/AzureAD-Attack-Defense#readme))

### Security & Cryptography

- [Microsoft Graph API Audits](https://awesome-repositories.com/f/security-cryptography/api-activity-auditing/microsoft-graph-api-audits.md) — Pulls security configuration from Microsoft Graph API into Log Analytics for visualization and alerting on critical changes.
- [Microsoft Security Stack Detections](https://awesome-repositories.com/f/security-cryptography/bot-detection/identity-spoofing-detection/microsoft-security-stack-detections.md) — Detects identity-based attacks using Microsoft security products like Defender XDR, Sentinel, and Defender for Cloud Apps.
- [Attack Simulations](https://awesome-repositories.com/f/security-cryptography/governance-policy-frameworks/compliance-governance/security-and-compliance/security-and-threat-mitigations/attack-simulations.md) — Describes realistic attack scenarios, including password spray and consent grant, to test and improve organizational defenses.
- [Common Attack Scenarios](https://awesome-repositories.com/f/security-cryptography/governance-policy-frameworks/compliance-governance/security-and-compliance/security-and-threat-mitigations/attack-simulations/common-attack-scenarios.md) — Describes realistic attack scenarios, including password spray and consent grant, to test and improve organizational defenses. ([source](https://github.com/Cloud-Architekt/AzureAD-Attack-Defense#readme))
- [Identity Threat Mitigations](https://awesome-repositories.com/f/security-cryptography/governance-policy-frameworks/compliance-governance/security-and-compliance/security-and-threat-mitigations/identity-threat-mitigations.md) — Provides step-by-step instructions to reduce the attack surface and harden the environment against specific identity threats. ([source](https://github.com/Cloud-Architekt/AzureAD-Attack-Defense#readme))
- [Security Audits](https://awesome-repositories.com/f/security-cryptography/identity-access-management/microsoft-entra-id-management/security-audits.md) — Audits Microsoft Entra ID security configuration by pulling data into Log Analytics for visualization and alerting on critical changes.
- [Security Configuration Audits](https://awesome-repositories.com/f/security-cryptography/identity-access-management/microsoft-entra-id-management/security-configuration-audits.md) — Pulls security configuration from Microsoft Graph API into Log Analytics for visualization and alerting on critical changes. ([source](https://github.com/Cloud-Architekt/AzureAD-Attack-Defense#readme))
- [Security Stack Integrations](https://awesome-repositories.com/f/security-cryptography/microsoft-account-integrations/security-stack-integrations.md) — Detects identity-based attacks using Microsoft security products like Defender XDR, Sentinel, and Defender for Cloud Apps.
- [Session Token Replays](https://awesome-repositories.com/f/security-cryptography/session-token-replays.md) — Identifies and mitigates attacks that replay stolen tokens or session cookies to bypass authentication and MFA.
