Browse our collection of ready-to-deploy scripts, workbooks, and solutions for Azure & Microsoft security challenges.
⚡ Our Premium Solutions catalog is actively being expanded! We're adding new solutions regularly.
Meanwhile, you can explore all our solutions in our technical blog.
Automate Azure subscription cost data collection and send formatted HTML reports to subscription owners with week-over-week comparisons.
Generate professional HTML reports summarizing Microsoft Sentinel incidents, alerts, and workspace usage for the past week.
Automate vulnerability reporting for administrators with targeted mailbox delivery to reduce device exposure and minimize security risks.
Track MFA activities in your Entra ID environment with this Microsoft Sentinel workbook. Includes JSON file and documentation.
Export and analyze Azure Policy initiatives with interactive reports. Perfect for compliance workshops and policy management.
Complete toolkit for managing Azure Monitor Data Collection Rules, including automation scripts, implementation guides, and best practices.
Track and analyze Log Analytics Workspace data ingestion with detailed reports, trends, and cost insights. Perfect for optimizing your Azure Monitor costs.
Monitor and audit Local Administrator Password Solution (LAPS) access events using Microsoft Sentinel and Event ID 4662 tracking.
Comprehensive toolkit for Azure Arc-enabled servers management, onboarding validation, and monitoring. Simplify your hybrid infrastructure with automated validation and management scripts.
A comprehensive collection of PowerShell scripts and implementation guides for Azure Automation Account management, security, and hybrid worker configuration. Simplify your automation deployments with ready-to-use scripts and best practices.
A PowerShell script that scans all your Azure subscriptions to assess Microsoft Defender for Cloud coverage, pricing tiers, and extension configurations. The script generates a comprehensive HTML report showing which subscriptions have Defender for Cloud enabled, what services are protected, and identifies security gaps.
A PowerShell script that provides detailed visibility into Azure resource permissions, showing who really has access to your resources. The tool analyzes direct and inherited permissions across Azure's hierarchical model, identifies PIM-eligible assignments, and detects "ghost" permissions from deleted identities that still have access rights.
Monitor Local Administrator Password Solution (LAPS) configuration and compliance across Azure VMs and Azure Arc-enabled Windows machines.
A collection of PowerShell scripts for Azure cost analysis and reporting, from simple query examples to comprehensive quarterly analysis tools.
Automate AD delegation monitoring and change detection using Microsoft Sentinel with reporting and alerting for enhanced security posture.
Direct Graph API sign-in data extraction for forensic investigations, legal discovery, and compliance audits with comprehensive behavioral analysis.
A PowerShell solution for analyzing Azure Policy initiatives like PCI DSS and CIS Benchmark. Generate comprehensive reports in multiple formats to understand policy coverage, identify preview policies, and prepare for compliance workshops.
A solution for tracking Multi-Factor Authentication (MFA) adoption across your Entra ID environment. This Sentinel workbook helps you monitor MFA registration activities and identify accounts without proper MFA setup.
A comprehensive solution that bridges the gap between Microsoft Defender XDR's vulnerability data and your IT teams by delivering targeted, actionable vulnerability reports directly to device administrators' mailboxes.
A comprehensive toolkit for managing Azure Monitor Data Collection Rules (DCR). From initial setup to advanced configurations, this solution provides everything you need to effectively implement and manage DCRs across your Azure environment.
A PowerShell solution that generates comprehensive reports about your Log Analytics Workspace usage. Track data ingestion trends, compare usage across weeks, and identify opportunities for cost optimization with interactive HTML reports.
A comprehensive collection of PowerShell scripts and implementation guides for Azure Automation Account management, security, and hybrid worker configuration. Simplify your automation deployments with ready-to-use scripts and best practices.
A comprehensive toolkit for managing and monitoring Azure Arc-enabled servers in hybrid environments. From onboarding validation to ongoing management, this collection of PowerShell scripts helps administrators ensure their Arc infrastructure is properly configured and monitored.
A PowerShell script that generates professional HTML reports summarizing Microsoft Sentinel incidents, alerts, and workspace usage for the past week. Designed for security teams to create management-level reports without manual data collection.
This solution automates the process of collecting Azure subscription cost data and distributing formatted HTML reports to subscription owners. It provides a weekly comparison of costs, helping organizations track spending trends and manage their cloud budget effectively.
A PowerShell script that scans all your Azure subscriptions to assess Microsoft Defender for Cloud coverage, pricing tiers, and extension configurations. The script generates a comprehensive HTML report showing which subscriptions have Defender for Cloud enabled, what services are protected, and identifies security gaps.
A PowerShell script that provides detailed visibility into Azure resource permissions, showing who really has access to your resources. The tool analyzes direct and inherited permissions across Azure's hierarchical model, identifies PIM-eligible assignments, and detects "ghost" permissions from deleted identities that still have access rights.
This solution helps security teams monitor and audit access to Windows LAPS passwords in Active Directory using Microsoft Sentinel. By tracking Event ID 4662, organizations can maintain security compliance and detect potential credential access threats.
A Microsoft Sentinel workbook for monitoring Local Administrator Password Solution (LAPS) configuration and compliance across your Azure VMs and Azure Arc-enabled Windows machines. Provides visibility into LAPS deployment, password rotation compliance, and security settings across hybrid environments.
A comprehensive collection of PowerShell scripts for Azure cost management, providing a progressive approach from basic query examples to advanced analysis tools. These scripts build on each other to offer increasingly sophisticated cost visibility and reporting capabilities.
This solution automates the process of monitoring Active Directory delegations, detecting changes, and providing reporting through Microsoft Sentinel. It uses PowerShell scripts running on Domain Controllers to collect delegation data, track changes, and upload data to Azure for analysis.
Direct Microsoft Graph API sign-in data extraction and analysis solution for security investigations, legal discovery, and compliance audits. Provides detailed user behavior analysis with structured data preservation when traditional SIEM tools are unavailable or insufficient.
