Various content for Microsoft Sentinel
- Conditional-Access-Review - a workbook for reviewing Conditional Access events
- BlockIP-Namedlocation - take IP addresses from a Microsoft Sentinel incident and add them to a Conditional Access named location for blocking
- Watchlist-Backup - make copies of your watchlists and store them in Azure blob storage