https://github.com/mandiant/mandiant_managed_hunting

Azure Deployment Templates for Mandiant Managed Huning
https://github.com/mandiant/mandiant_managed_hunting

Last synced: about 1 year ago
JSON representation

Azure Deployment Templates for Mandiant Managed Huning

• Host: GitHub
• URL: https://github.com/mandiant/mandiant_managed_hunting
• Owner: mandiant
• License: apache-2.0
• Archived: true
• Created: 2021-04-06T23:12:15.000Z (about 5 years ago)
• Default Branch: main
• Last Pushed: 2023-06-01T13:28:51.000Z (about 3 years ago)
• Last Synced: 2025-02-24T20:59:44.574Z (over 1 year ago)
• Homepage:
• Size: 6.84 KB
• Stars: 11
• Watchers: 5
• Forks: 13
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE.txt

Awesome Lists containing this project

README

          
# Mandiant Managed Defense

## Managed Hunting for Microsoft Defender for Endpoint

The Managed Hunting service leverages [Azure Lighthouse](https://docs.microsoft.com/en-us/azure/lighthouse/overview) to ingest data from the customer-owned event hub.

The following button deploys the Azure Resource Management template [azuredeploy.json](azuredeploy.json). The intent of the ARM template is to delegate the contributor role for the subscription containing the event hub to a Mandiant Managed Defense user group. Mandiant administrators from the user group will then configure the Managed Hunting service to ingest data from the customer-owned event hub.

[![Deploy to Azure](https://aka.ms/deploytoazurebutton)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2Ffireeye%2Fmandiant_managed_hunting%2Fmain%2Fazuredeploy.json)

Subcription Owner role is required to complete the process triggered by the button.