Looking for security documentation and consultancy? Visit ridgelinecyber.com
Sign In
Free Tool

KQL Query Reference

Production KQL for Sentinel and Defender XDR. Search. Copy. Deploy.

Detection rules, hunting queries, and health monitoring queries organized by ATT&CK tactic and data table. Every query runs against production Microsoft security data. Filter by category, search by technique, copy to your Advanced Hunting console.